Launchpad.net

CVE 2014-3152

Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a negative key value.

Related bugs and status

CVE-2014-3152 (Candidate) is related to these bugs:

Bug #1302155: Chromium UI is very large

Summary				In	Importance	Status
	1302155	Chromium UI is very large		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1837038: Broken and defunct libv8-3.14 urgently needs removal

Summary				In	Importance	Status
	1837038	Broken and defunct libv8-3.14 urgently needs removal		libv8-3.14 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://googlechromerel...
CONFIRM: https://code.google.co...
CONFIRM: https://code.google.co...
SECTRACK: 1030270
SECUNIA: 58920
SECUNIA: 59155
FEDORA: FEDORA-2015-6845
FEDORA: FEDORA-2015-6890
FEDORA: FEDORA-2015-6908
SECUNIA: 60372
SUSE: openSUSE-SU-2014:0783
DEBIAN: DSA-2939