CVE-2013-6631

Publication date 19 November 2013

Last updated 24 July 2024


Ubuntu priority

Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
chromium-browser 13.10 saucy
Fixed 31.0.1650.63-0ubuntu0.13.10.1~20131204.1
13.04 raring
Fixed 31.0.1650.63-0ubuntu0.13.04.1~20131204.1
12.10 quantal
Fixed 31.0.1650.63-0ubuntu0.12.10.1~20131204.1
12.04 LTS precise
Fixed 31.0.1650.63-0ubuntu0.12.04.1~20131204.1
10.04 LTS lucid Ignored end of life