Launchpad CVE tracker

CVE 2014-3192

Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Related bugs and status

CVE-2014-3192 (Candidate) is related to these bugs:

Bug #1310163: chromium-browser with multiple tabs crashes on startup in KDE environment

Summary				In	Importance	Status
	1310163	chromium-browser with multiple tabs crashes on startup in KDE environment		chromium-browser (Ubuntu)	High	Fix Released
	1310163	chromium-browser with multiple tabs crashes on startup in KDE environment		Chromium Browser	Unknown	Unknown

Bug #1373802: Regression: chromium-browser no longer loads policies in 37.0.2062.120-0ubuntu0.14.04.1~pkg1049

Summary				In	Importance	Status
	1373802	Regression: chromium-browser no longer loads policies in 37.0.2062.120-0ubuntu0.14.04.1~pkg1049		chromium-browser (Ubuntu)	Critical	Fix Released

Bug #1381644: CHROMIUM_USER_FLAGS environment variable is ignored

Summary				In	Importance	Status
	1381644	CHROMIUM_USER_FLAGS environment variable is ignored		chromium-browser (Ubuntu)	High	Fix Released

Bug #1386455: Chromium 37 has 159 known security issues

Summary				In	Importance	Status
	1386455	Chromium 37 has 159 known security issues		chromium-browser (Ubuntu)	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-3192

References