Bug 1101056 (CVE-2014-3152) - CVE-2014-3152 v8: integer underflow fixed in Google Chrome 35.0.1916.114
Summary: CVE-2014-3152 v8: integer underflow fixed in Google Chrome 35.0.1916.114
Alias: CVE-2014-3152
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 1101057 1101058
Blocks: 1091840
Reported: 2014-05-26 02:52 UTC by Murray McAllister
Modified: 2020-11-05 10:33 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2014-06-16 19:13:50 UTC

Description Murray McAllister 2014-05-26 02:52:56 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-3152 to
the following vulnerability:

Name: CVE-2014-3152
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3152
Assigned: 20140503
Reference: http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
Reference: https://code.google.com/p/chromium/issues/detail?id=358057
Reference: https://code.google.com/p/v8/source/detail?r=20363

Integer underflow in the LCodeGen::PrepareKeyedOperand function in
arm/lithium-codegen-arm.cc in Google V8 before, as used in
Google Chrome before 35.0.1916.114, allows remote attackers to cause a
denial of service or possibly have unspecified other impact via
vectors that trigger a negative key value.

It is not clear if the version in Fedora is affected or not.

Comment 1 Murray McAllister 2014-05-26 02:54:55 UTC
Created v8 tracking bugs for this issue:

Affects: fedora-all [bug 1101057]
Affects: epel-6 [bug 1101058]

Comment 2 Tomas Hoger 2014-06-16 19:13:50 UTC
This issue is in the ARM-specific code, hence this does not affect any Red Hat product.
