CVE-2015-1277 in Ubuntu

CVE-2015-1277

Priority

Description

Use-after-free vulnerability in the accessibility implementation in Google
Chrome before 44.0.2403.89 allows remote attackers to cause a denial of
service or possibly have unspecified other impact by leveraging lack of
certain validity checks for accessibility-tree data structures.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
https://usn.ubuntu.com/usn/usn-2677-1

Bugs

https://code.google.com/p/chromium/issues/detail?id=479743

Package

Source: chromium-browser (LP Ubuntu Debian)

Upstream:	released (44.0.2403.89)
Ubuntu 14.04 LTS (Trusty Tahr):	released (44.0.2403.89-0ubuntu0.14.04.1.1095)
Ubuntu 16.04 LTS (Xenial Xerus):	released (44.0.2403.89-0ubuntu1.1195)

Patches:

Upstream:	https://codereview.chromium.org/1151393006/
Upstream:	https://codereview.chromium.org/1144363004/

Package

Source: oxide-qt (LP Ubuntu Debian)

Upstream:	released (1.8.4)
Ubuntu 14.04 LTS (Trusty Tahr):	released (1.8.4-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	released (1.8.4-0ubuntu1)

More Information

Updated: 2019-01-14 22:16:07 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)