PT-2015-1054 · Opera+5 · Opera+5

Published

2015-04-01

Updated

2024-06-15

CVE-2015-1234

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 41.0.2272.118 Opera versions prior to 41.0.2272.118

Description The issue is related to a race condition in the gpu/command buffer/service/gles2 cmd decoder.cc component, allowing remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES commands.

Recommendations For Google Chrome versions prior to 41.0.2272.118, update to version 41.0.2272.118 or later. For Opera versions prior to 41.0.2272.118, update to a version that includes the fix for this issue, as the specific version is not provided. As a temporary workaround, consider restricting the use of OpenGL ES commands in the affected component until a patch is available.

Exploit

Fix

DoS

Race Condition

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-20

Related Identifiers

ALT-PU-2015-1353

BDU:2015-09909

CVE-2015-1234

MGASA-2015-0141

OPENSUSE-SU-2015_0682-1

OPENSUSE-SU-2024:10171-1

OPENSUSE-SU-2024:12948-1

RHSA-2015:0778

RHSA-2015_0778

USN-2556-1

ZDI-15-137

Affected Products

Alt Linux

Google Chrome

Opera

Red Hat

Suse

Ubuntu

PT-2015-1054 · Opera+5 · Opera+5

CVE-2015-1234

Weakness Enumeration

Related Identifiers

Affected Products

References · 2376