Launchpad CVE tracker

CVE 2014-3198

The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Related bugs and status

CVE-2014-3198 (Candidate) is related to these bugs:

Bug #1310163: chromium-browser with multiple tabs crashes on startup in KDE environment

Summary				In	Importance	Status
	1310163	chromium-browser with multiple tabs crashes on startup in KDE environment		chromium-browser (Ubuntu)	High	Fix Released
	1310163	chromium-browser with multiple tabs crashes on startup in KDE environment		Chromium Browser	Unknown	Unknown

Bug #1373802: Regression: chromium-browser no longer loads policies in 37.0.2062.120-0ubuntu0.14.04.1~pkg1049

Summary				In	Importance	Status
	1373802	Regression: chromium-browser no longer loads policies in 37.0.2062.120-0ubuntu0.14.04.1~pkg1049		chromium-browser (Ubuntu)	Critical	Fix Released

Bug #1381644: CHROMIUM_USER_FLAGS environment variable is ignored

Summary				In	Importance	Status
	1381644	CHROMIUM_USER_FLAGS environment variable is ignored		chromium-browser (Ubuntu)	High	Fix Released

Bug #1386455: Chromium 37 has 159 known security issues

Summary				In	Importance	Status
	1386455	Chromium 37 has 159 known security issues		chromium-browser (Ubuntu)	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-3198

References