CVE-2014-7925
Publication date 22 January 2015
Last updated 24 July 2024
Ubuntu priority
Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improperly maintained.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| chromium-browser | ||
| 14.04 LTS trusty |
Fixed 40.0.2214.94-0ubuntu0.14.04.1.1068
|
|
| oxide-qt | ||
| 14.04 LTS trusty |
Fixed 1.4.2-0ubuntu0.14.04.1
|
|
References
Related Ubuntu Security Notices (USN)
- USN-2476-1
- Oxide vulnerabilities
- 26 January 2015
Other references
- https://src.chromium.org/viewvc/blink?revision=186914&view=revision
- https://src.chromium.org/viewvc/blink?revision=186482&view=revision
- https://codereview.chromium.org/802593004
- https://code.google.com/p/chromium/issues/detail?id=434136
- http://googlechromereleases.blogspot.com/2015/01/stable-update.html
- https://www.cve.org/CVERecord?id=CVE-2014-7925