CVE-2015-1277 in Ubuntu

CVE-2015-1277 (retired)

Priority

Description

Use-after-free vulnerability in the accessibility implementation in Google
Chrome before 44.0.2403.89 allows remote attackers to cause a denial of
service or possibly have unspecified other impact by leveraging lack of
certain validity checks for accessibility-tree data structures.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
https://usn.ubuntu.com/usn/usn-2677-1

Bugs

https://code.google.com/p/chromium/issues/detail?id=479743

Package

Source: chromium-browser (LP Ubuntu Debian)

Upstream:	released (44.0.2403.89)
Ubuntu 14.04 LTS (Trusty Tahr):	released (44.0.2403.89-0ubuntu0.14.04.1.1095)
Ubuntu 16.04 LTS (Xenial Xerus):	released (44.0.2403.89-0ubuntu1.1195)

Patches:

Upstream:	https://codereview.chromium.org/1151393006/
Upstream:	https://codereview.chromium.org/1144363004/

Package

Source: oxide-qt (LP Ubuntu Debian)

Upstream:	released (1.8.4)
Ubuntu 14.04 LTS (Trusty Tahr):	released (1.8.4-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):	released (1.8.4-0ubuntu1)

More Information

Updated: 2019-03-26 12:14:34 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)