1
Candidate: CVE-2014-7941
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7941
5
https://codereview.chromium.org/697863002
6
https://code.google.com/p/chromium/issues/detail?id=428557
7
http://googlechromereleases.blogspot.com/2015/01/stable-update.html
9
The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc
10
in the UI implementation in Google Chrome before 40.0.2214.91 uses an
11
incorrect data type for a certain length value, which allows remote
12
attackers to cause a denial of service (out-of-bounds read) via crafted X11
16
chrisccoulson> The code is not used in Oxide
19
Discovered-by: Atte Kettunen and Christoph Diehl
22
Patches_chromium-browser:
23
upstream_chromium-browser: released (40.0.2214.91)
24
lucid_chromium-browser: ignored (reached end-of-life)
25
precise_chromium-browser: ignored
26
trusty_chromium-browser: released (40.0.2214.94-0ubuntu0.14.04.1.1068)
27
utopic_chromium-browser: released (40.0.2214.94-0ubuntu0.14.10.1.1110)
28
vivid_chromium-browser: released (40.0.2214.94-0ubuntu1.1120)
29
wily_chromium-browser: released (40.0.2214.94-0ubuntu1.1120)
30
devel_chromium-browser: released (40.0.2214.94-0ubuntu1.1120)
33
upstream_oxide-qt: not-affected
36
trusty_oxide-qt: not-affected
37
utopic_oxide-qt: not-affected
38
vivid_oxide-qt: not-affected
39
wily_oxide-qt: not-affected
40
devel_oxide-qt: not-affected