CVE-2014-3174

2014-08-2600:00:00

ubuntu.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.018

Percentile

88.2%

JSON

modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in
Blink, as used in Google Chrome before 37.0.2062.94, does not properly
consider concurrent threads during attempts to update biquad filter
coefficients, which allows remote attackers to cause a denial of service
(read of uninitialized memory) via crafted API calls.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchchromium-browser< 37.0.2062.94-0ubuntu0.12.04.1~pkg909UNKNOWN
ubuntu14.04noarchchromium-browser< 37.0.2062.94-0ubuntu0.14.04.1~pkg1042UNKNOWN
ubuntu14.04noarchoxide-qt< 1.1.2-0ubuntu0.14.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.04	noarch	chromium-browser	< 37.0.2062.94-0ubuntu0.12.04.1~pkg909	UNKNOWN
ubuntu	14.04	noarch	chromium-browser	< 37.0.2062.94-0ubuntu0.14.04.1~pkg1042	UNKNOWN
ubuntu	14.04	noarch	oxide-qt	< 1.1.2-0ubuntu0.14.04.1	UNKNOWN