First published: Thu Jan 22 2015(Updated: )
The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Chromium Chromium | =40.0.2214.110 | |
Redhat Enterprise Linux Desktop Supplementary | =6.0 | |
Redhat Enterprise Linux Server Supplementary | =6.0 | |
Redhat Enterprise Linux Server Supplementary Eus | =6.6.z | |
Redhat Enterprise Linux Workstation Supplementary | =6.0 | |
Google Chrome | <=40.0.2214.85 | |
openSUSE openSUSE | =13.1 | |
openSUSE openSUSE | =13.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.