CVE-2014-3199

Priority
Description
The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8
bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an
erroneous fallback outcome for wrapper-selection failures, which allows
remote attackers to cause a denial of service via vectors that trigger
stopping a worker process that had been handling an Event object.
Notes
mikesalvatoreThe Ubuntu Security Team does not support libv8
Package
Priority: Medium
Upstream:released (38.0.2125.101)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [38.0.2125.111-0ubuntu0.14.04.1.1061])
Ubuntu 16.04 LTS (Xenial Xerus):released (38.0.2125.111-0ubuntu1.1103)
Ubuntu 18.04 LTS (Bionic Beaver):released (38.0.2125.111-0ubuntu1.1103)
Package
Source: libv8 (LP Ubuntu Debian)
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [libv8 not supported])
Ubuntu 16.04 LTS (Xenial Xerus):ignored (libv8 not supported)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (libv8 not supported)
Package
Upstream:released (1.2.5)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [1.2.5-0ubuntu0.14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (1.2.5-0ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
More Information

Updated: 2020-01-29 19:49:36 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)