Bug 1245955 – CVE-2015-5605 chromium-browser: v8 denial of service

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1245955 - (CVE-2015-5605) CVE-2015-5605 chromium-browser: v8 denial of service

Summary:	CVE-2015-5605 chromium-browser: v8 denial of service

Status:	CLOSED ERRATA

Aliases:	CVE-2015-5605

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=moderate,public=20150723,repor...
Keywords:	Reopened, Security

Depends On:	1245437 1245438
Blocks:	1245439
	Show dependency tree / graph

Reported:	2015-07-23 04:27 EDT by Martin Prpič
Modified:	2015-11-24 07:23 EST (History)
CC List:	1 user (show)

See Also:
Fixed In Version:	Chrome 44.0.2403.89
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2015-07-28 02:21:21 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:1499	normal	SHIPPED_LIVE	Important: chromium-browser security update	2015-07-27 09:08:30 EDT

Groups: None (edit)

Description Martin Prpič 2015-07-23 04:27:43 EDT

A vulnerability was found in Google Chrome up to 43.0.2357.134. It has been classified as problematic. Affected is an unknown function of the component v8. The manipulation with an unknown input leads to a denial of service vulnerability.

Additional information:

http://www.scip.ch/en/?vuldb.76794

Comment 1 Huzaifa S. Sidhpurwala 2015-07-24 23:00:27 EDT

This issue was is tracked in chromium tracker via the following bug:

https://code.google.com/p/chromium/issues/detail?id=512110
https://code.google.com/p/chromium/issues/detail?id=469480

This is fixed in google-chrome 44.0.2403.89 but was not listed in the chrome advisory web page.

Comment 2 errata-xmlrpc 2015-07-27 05:09:37 EDT

This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2015:1499 https://rhn.redhat.com/errata/RHSA-2015-1499.html

Note You need to log in before you can comment on or make changes to this bug.