Stephen White

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 51.0.2704.79 Skia (affected versions not specified) Opera (affected versions not specified) **Description** The issue is related to the SkRegion::readFromMemory function in Skia, which does not validate the interval count. This allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** For Google Chrome versions prior to 51.0.2704.79, update to version 51.0.2704.79 or later. For Skia, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Opera, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the `SkRegion::readFromMemory` function until a patch is available.