CVE-2013-6621: Use After Free
First published: Wed Nov 13 2013(Updated: )
Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SUSE Linux | =12.2 | |
| SUSE Linux | =12.3 | |
| SUSE Linux | =13.1 | |
| Google Chrome (Trace Event) | <=31.0.1650.47 | |
| Google Chrome (Trace Event) | =31.0.1650.0 | |
| Google Chrome (Trace Event) | =31.0.1650.2 | |
| Google Chrome (Trace Event) | =31.0.1650.3 | |
| Google Chrome (Trace Event) | =31.0.1650.4 | |
| Google Chrome (Trace Event) | =31.0.1650.5 | |
| Google Chrome (Trace Event) | =31.0.1650.6 | |
| Google Chrome (Trace Event) | =31.0.1650.7 | |
| Google Chrome (Trace Event) | =31.0.1650.8 | |
| Google Chrome (Trace Event) | =31.0.1650.9 | |
| Google Chrome (Trace Event) | =31.0.1650.10 | |
| Google Chrome (Trace Event) | =31.0.1650.11 | |
| Google Chrome (Trace Event) | =31.0.1650.12 | |
| Google Chrome (Trace Event) | =31.0.1650.13 | |
| Google Chrome (Trace Event) | =31.0.1650.14 | |
| Google Chrome (Trace Event) | =31.0.1650.15 | |
| Google Chrome (Trace Event) | =31.0.1650.16 | |
| Google Chrome (Trace Event) | =31.0.1650.17 | |
| Google Chrome (Trace Event) | =31.0.1650.18 | |
| Google Chrome (Trace Event) | =31.0.1650.19 | |
| Google Chrome (Trace Event) | =31.0.1650.20 | |
| Google Chrome (Trace Event) | =31.0.1650.22 | |
| Google Chrome (Trace Event) | =31.0.1650.23 | |
| Google Chrome (Trace Event) | =31.0.1650.25 | |
| Google Chrome (Trace Event) | =31.0.1650.26 | |
| Google Chrome (Trace Event) | =31.0.1650.27 | |
| Google Chrome (Trace Event) | =31.0.1650.28 | |
| Google Chrome (Trace Event) | =31.0.1650.29 | |
| Google Chrome (Trace Event) | =31.0.1650.30 | |
| Google Chrome (Trace Event) | =31.0.1650.31 | |
| Google Chrome (Trace Event) | =31.0.1650.32 | |
| Google Chrome (Trace Event) | =31.0.1650.33 | |
| Google Chrome (Trace Event) | =31.0.1650.34 | |
| Google Chrome (Trace Event) | =31.0.1650.35 | |
| Google Chrome (Trace Event) | =31.0.1650.36 | |
| Google Chrome (Trace Event) | =31.0.1650.37 | |
| Google Chrome (Trace Event) | =31.0.1650.38 | |
| Google Chrome (Trace Event) | =31.0.1650.39 | |
| Google Chrome (Trace Event) | =31.0.1650.41 | |
| Google Chrome (Trace Event) | =31.0.1650.42 | |
| Google Chrome (Trace Event) | =31.0.1650.43 | |
| Google Chrome (Trace Event) | =31.0.1650.44 | |
| Google Chrome (Trace Event) | =31.0.1650.45 | |
| Google Chrome (Trace Event) | =31.0.1650.46 | |
| Debian | =7.0 | |
| Debian | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
- http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
- http://www.debian.org/security/2013/dsa-2799
- https://code.google.com/p/chromium/issues/detail?id=268565
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19006
Frequently Asked Questions
What is the severity of CVE-2013-6621?
CVE-2013-6621 is classified as a high-severity vulnerability that can cause denial of service in Google Chrome.
How do I fix CVE-2013-6621?
To mitigate CVE-2013-6621, users should update Google Chrome to version 31.0.1650.48 or later.
Which versions of Google Chrome are affected by CVE-2013-6621?
CVE-2013-6621 affects all versions of Google Chrome up to and including 31.0.1650.47.
Is there any impact from CVE-2013-6621 beyond denial of service?
CVE-2013-6621 may allow remote attackers to have unspecified other impacts beyond just denial of service.
What platforms are affected by CVE-2013-6621?
CVE-2013-6621 affects Google Chrome on various platforms, including some versions of openSUSE and Debian.
- agent/references
- agent/type
- agent/author
- agent/severity
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/opensuse
- canonical/suse linux
- version/suse linux/12.2
- version/suse linux/12.3
- version/suse linux/13.1
- vendor/google
- canonical/google chrome (trace event)
- version/google chrome (trace event)/31.0.1650.47
- version/google chrome (trace event)/31.0.1650.0
- version/google chrome (trace event)/31.0.1650.2
- version/google chrome (trace event)/31.0.1650.3
- version/google chrome (trace event)/31.0.1650.4
- version/google chrome (trace event)/31.0.1650.5
- version/google chrome (trace event)/31.0.1650.6
- version/google chrome (trace event)/31.0.1650.7
- version/google chrome (trace event)/31.0.1650.8
- version/google chrome (trace event)/31.0.1650.9
- version/google chrome (trace event)/31.0.1650.10
- version/google chrome (trace event)/31.0.1650.11
- version/google chrome (trace event)/31.0.1650.12
- version/google chrome (trace event)/31.0.1650.13
- version/google chrome (trace event)/31.0.1650.14
- version/google chrome (trace event)/31.0.1650.15
- version/google chrome (trace event)/31.0.1650.16
- version/google chrome (trace event)/31.0.1650.17
- version/google chrome (trace event)/31.0.1650.18
- version/google chrome (trace event)/31.0.1650.19
- version/google chrome (trace event)/31.0.1650.20
- version/google chrome (trace event)/31.0.1650.22
- version/google chrome (trace event)/31.0.1650.23
- version/google chrome (trace event)/31.0.1650.25
- version/google chrome (trace event)/31.0.1650.26
- version/google chrome (trace event)/31.0.1650.27
- version/google chrome (trace event)/31.0.1650.28
- version/google chrome (trace event)/31.0.1650.29
- version/google chrome (trace event)/31.0.1650.30
- version/google chrome (trace event)/31.0.1650.31
- version/google chrome (trace event)/31.0.1650.32
- version/google chrome (trace event)/31.0.1650.33
- version/google chrome (trace event)/31.0.1650.34
- version/google chrome (trace event)/31.0.1650.35
- version/google chrome (trace event)/31.0.1650.36
- version/google chrome (trace event)/31.0.1650.37
- version/google chrome (trace event)/31.0.1650.38
- version/google chrome (trace event)/31.0.1650.39
- version/google chrome (trace event)/31.0.1650.41
- version/google chrome (trace event)/31.0.1650.42
- version/google chrome (trace event)/31.0.1650.43
- version/google chrome (trace event)/31.0.1650.44
- version/google chrome (trace event)/31.0.1650.45
- version/google chrome (trace event)/31.0.1650.46
- vendor/debian
- canonical/debian
- version/debian/7.0
- version/debian/8.0