CVE-2014-7935

Publication date 22 January 2015

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Description

Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utterances from a closed tab.

Read the notes from the security team

Status

Package Ubuntu Release Status
chromium-browser 15.10 wily
Fixed 40.0.2214.94-0ubuntu1.1120
15.04 vivid
Fixed 40.0.2214.94-0ubuntu1.1120
14.10 utopic
Fixed 40.0.2214.94-0ubuntu0.14.10.1.1110
14.04 LTS trusty
Fixed 40.0.2214.94-0ubuntu0.14.04.1.1068
12.04 LTS precise Ignored
10.04 LTS lucid Ignored end of life
oxide-qt 15.10 wily
Not affected
15.04 vivid
Not affected
14.10 utopic
Not affected
14.04 LTS trusty Not in release
12.04 LTS precise Not in release
10.04 LTS lucid Not in release

Notes

chrisccoulson

The bug is in the Chrome / Chromium browser (above content)

References

Other references