CVE-2016-1646: Google Chromium V8 Out-of-Bounds Read Vulnerability
First published: Tue Mar 29 2016(Updated: )
Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Credit: cve-coordination@google.com chrome-cve-admin@google.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Debian Debian Linux | =8.0 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =15.10 | |
| Canonical Ubuntu Linux | =16.04 | |
| openSUSE openSUSE | =13.1 | |
| Google Chrome | <=49.0.2623.95 | |
| Debian Debian Linux | =9.0 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Google Chrome | <49.0.2623.108 | |
| Suse Package Hub | ||
| openSUSE Leap | =42.1 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Eus | =6.7 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Google Chromium V8 | ||
| =8.0 | ||
| =9.0 | ||
| =14.04 | ||
| =15.10 | ||
| =16.04 | ||
| <49.0.2623.108 | ||
| =42.1 | ||
| =13.1 | ||
| =6.0 | ||
| =6.7 | ||
| =6.0 | ||
| =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html
- http://rhn.redhat.com/errata/RHSA-2016-0525.html
- http://www.debian.org/security/2016/dsa-3531
- http://www.securitytracker.com/id/1035423
- http://www.ubuntu.com/usn/USN-2955-1
- https://code.google.com/p/chromium/issues/detail?id=594574
- https://codereview.chromium.org/1804963002/
- https://security.gentoo.org/glsa/201605-02
- https://nvd.nist.gov/vuln/detail/CVE-2016-1646
- agent/type
- agent/title
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/remedy
- agent/author
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/softwarecombine
- agent/tags
- agent/event
- collector/nvd-cve
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/15.10
- version/canonical ubuntu linux/16.04
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/13.1
- vendor/google
- canonical/google chrome
- version/google chrome/49.0.2623.95
- version/debian debian linux/9.0
- vendor/suse
- canonical/suse package hub
- canonical/opensuse leap
- version/opensuse leap/42.1
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/6.7
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- canonical/google chromium v8