PT-2015-1054 · Opera+5 · Opera+5

Publicado

2015-04-01

Atualizado

2024-06-15

CVE-2015-1234

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 41.0.2272.118 Opera versions prior to 41.0.2272.118

Description The issue is related to a race condition in the gpu/command buffer/service/gles2 cmd decoder.cc component, allowing remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES commands.

Recommendations For Google Chrome versions prior to 41.0.2272.118, update to version 41.0.2272.118 or later. For Opera versions prior to 41.0.2272.118, update to a version that includes the fix for this issue, as the specific version is not provided. As a temporary workaround, consider restricting the use of OpenGL ES commands in the affected component until a patch is available.

Exploit

Correção

DoS

Race Condition

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-20

Identificadores relacionados

ALT-PU-2015-1353

BDU:2015-09909

CVE-2015-1234

MGASA-2015-0141

OPENSUSE-SU-2015_0682-1

OPENSUSE-SU-2024:10171-1

OPENSUSE-SU-2024:12948-1

RHSA-2015:0778

RHSA-2015_0778

USN-2556-1

ZDI-15-137

Produtos afetados

Alt Linux

Google Chrome

Opera

Red Hat

Suse

Ubuntu

PT-2015-1054 · Opera+5 · Opera+5

CVE-2015-1234

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2376