CVE-2012-2819: Input Validation
First published: Wed Jun 27 2012(Updated: )
The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387.
Credit: cve-coordination@google.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Chrome (Trace Event) | <=20.0.1132.42 | |
| Google Chrome (Trace Event) | =20.0.1132.0 | |
| Google Chrome (Trace Event) | =20.0.1132.1 | |
| Google Chrome (Trace Event) | =20.0.1132.2 | |
| Google Chrome (Trace Event) | =20.0.1132.3 | |
| Google Chrome (Trace Event) | =20.0.1132.4 | |
| Google Chrome (Trace Event) | =20.0.1132.5 | |
| Google Chrome (Trace Event) | =20.0.1132.6 | |
| Google Chrome (Trace Event) | =20.0.1132.7 | |
| Google Chrome (Trace Event) | =20.0.1132.8 | |
| Google Chrome (Trace Event) | =20.0.1132.9 | |
| Google Chrome (Trace Event) | =20.0.1132.10 | |
| Google Chrome (Trace Event) | =20.0.1132.11 | |
| Google Chrome (Trace Event) | =20.0.1132.12 | |
| Google Chrome (Trace Event) | =20.0.1132.13 | |
| Google Chrome (Trace Event) | =20.0.1132.14 | |
| Google Chrome (Trace Event) | =20.0.1132.15 | |
| Google Chrome (Trace Event) | =20.0.1132.16 | |
| Google Chrome (Trace Event) | =20.0.1132.17 | |
| Google Chrome (Trace Event) | =20.0.1132.18 | |
| Google Chrome (Trace Event) | =20.0.1132.19 | |
| Google Chrome (Trace Event) | =20.0.1132.20 | |
| Google Chrome (Trace Event) | =20.0.1132.21 | |
| Google Chrome (Trace Event) | =20.0.1132.22 | |
| Google Chrome (Trace Event) | =20.0.1132.23 | |
| Google Chrome (Trace Event) | =20.0.1132.24 | |
| Google Chrome (Trace Event) | =20.0.1132.25 | |
| Google Chrome (Trace Event) | =20.0.1132.26 | |
| Google Chrome (Trace Event) | =20.0.1132.27 | |
| Google Chrome (Trace Event) | =20.0.1132.28 | |
| Google Chrome (Trace Event) | =20.0.1132.29 | |
| Google Chrome (Trace Event) | =20.0.1132.30 | |
| Google Chrome (Trace Event) | =20.0.1132.31 | |
| Google Chrome (Trace Event) | =20.0.1132.32 | |
| Google Chrome (Trace Event) | =20.0.1132.33 | |
| Google Chrome (Trace Event) | =20.0.1132.34 | |
| Google Chrome (Trace Event) | =20.0.1132.35 | |
| Google Chrome (Trace Event) | =20.0.1132.36 | |
| Google Chrome (Trace Event) | =20.0.1132.37 | |
| Google Chrome (Trace Event) | =20.0.1132.38 | |
| Google Chrome (Trace Event) | =20.0.1132.39 | |
| Google Chrome (Trace Event) | =20.0.1132.40 | |
| Google Chrome (Trace Event) | =20.0.1132.41 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://code.google.com/p/chromium/issues/detail?id=120977
- http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html
- http://trac.webkit.org/changeset/117191
- http://trac.webkit.org/changeset/118410
- https://bugs.webkit.org/show_bug.cgi?id=85942
- https://chromiumcodereview.appspot.com/10444013
- https://hermes.opensuse.org/messages/15075728
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14938
Frequently Asked Questions
What is the severity of CVE-2012-2819?
CVE-2012-2819 has a high severity rating due to its potential to cause denial of service and application crashes.
How do I fix CVE-2012-2819?
To fix CVE-2012-2819, update Google Chrome to version 20.0.1132.43 or later.
What versions of Google Chrome are affected by CVE-2012-2819?
CVE-2012-2819 affects Google Chrome versions prior to 20.0.1132.43.
What type of attack does CVE-2012-2819 enable?
CVE-2012-2819 could allow remote attackers to exploit the vulnerability, leading to application crashes.
Is there a workaround for CVE-2012-2819 if I cannot update?
There are no known workarounds for CVE-2012-2819; updating to a secure version is strongly recommended.
- agent/references
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/google chrome (trace event)
- version/google chrome (trace event)/20.0.1132.42
- version/google chrome (trace event)/20.0.1132.0
- version/google chrome (trace event)/20.0.1132.1
- version/google chrome (trace event)/20.0.1132.2
- version/google chrome (trace event)/20.0.1132.3
- version/google chrome (trace event)/20.0.1132.4
- version/google chrome (trace event)/20.0.1132.5
- version/google chrome (trace event)/20.0.1132.6
- version/google chrome (trace event)/20.0.1132.7
- version/google chrome (trace event)/20.0.1132.8
- version/google chrome (trace event)/20.0.1132.9
- version/google chrome (trace event)/20.0.1132.10
- version/google chrome (trace event)/20.0.1132.11
- version/google chrome (trace event)/20.0.1132.12
- version/google chrome (trace event)/20.0.1132.13
- version/google chrome (trace event)/20.0.1132.14
- version/google chrome (trace event)/20.0.1132.15
- version/google chrome (trace event)/20.0.1132.16
- version/google chrome (trace event)/20.0.1132.17
- version/google chrome (trace event)/20.0.1132.18
- version/google chrome (trace event)/20.0.1132.19
- version/google chrome (trace event)/20.0.1132.20
- version/google chrome (trace event)/20.0.1132.21
- version/google chrome (trace event)/20.0.1132.22
- version/google chrome (trace event)/20.0.1132.23
- version/google chrome (trace event)/20.0.1132.24
- version/google chrome (trace event)/20.0.1132.25
- version/google chrome (trace event)/20.0.1132.26
- version/google chrome (trace event)/20.0.1132.27
- version/google chrome (trace event)/20.0.1132.28
- version/google chrome (trace event)/20.0.1132.29
- version/google chrome (trace event)/20.0.1132.30
- version/google chrome (trace event)/20.0.1132.31
- version/google chrome (trace event)/20.0.1132.32
- version/google chrome (trace event)/20.0.1132.33
- version/google chrome (trace event)/20.0.1132.34
- version/google chrome (trace event)/20.0.1132.35
- version/google chrome (trace event)/20.0.1132.36
- version/google chrome (trace event)/20.0.1132.37
- version/google chrome (trace event)/20.0.1132.38
- version/google chrome (trace event)/20.0.1132.39
- version/google chrome (trace event)/20.0.1132.40
- version/google chrome (trace event)/20.0.1132.41