CVE-2015-6764

Upstream information

CVE-2015-6764 at MITRE

Description

The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.

SUSE information

Overall state of this security issue: Ignore

This issue is currently rated as having low severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	7.5
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	Partial
Integrity Impact	Partial
Availability Impact	Partial

SUSE Bugzilla entries: 956902 [RESOLVED / FIXED], 957519 [RESOLVED / FIXED]

SUSE Security Advisories:

openSUSE-SU-2015:1816-1, published Sat, 24 Oct 2015 02:09:41 +0200 (CEST)
openSUSE-SU-2015:1867-1, published Mon, 2 Nov 2015 16:32:56 +0100 (CET)
openSUSE-SU-2015:2290-1, published Thu, 17 Dec 2015 13:10:52 +0100 (CET)
openSUSE-SU-2015:2291-1, published Thu, 17 Dec 2015 13:11:20 +0100 (CET)
openSUSE-SU-2016:0138-1, published Fri, 15 Jan 2016 19:14:14 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE 13.1	`chromedriver >= 47.0.2526.80-116.1` `chromedriver-debuginfo >= 47.0.2526.80-116.1` `chromium >= 47.0.2526.80-116.1` `chromium-debuginfo >= 47.0.2526.80-116.1` `chromium-debugsource >= 47.0.2526.80-116.1` `chromium-desktop-gnome >= 47.0.2526.80-116.1` `chromium-desktop-kde >= 47.0.2526.80-116.1` `chromium-ffmpegsumo >= 47.0.2526.80-116.1` `chromium-ffmpegsumo-debuginfo >= 47.0.2526.80-116.1` `nodejs >= 4.2.4-9.1` `nodejs-debuginfo >= 4.2.4-9.1` `nodejs-debugsource >= 4.2.4-9.1` `nodejs-devel >= 4.2.4-9.1` `nodejs-doc >= 4.2.4-9.1`	Patchnames: openSUSE-2015-679 openSUSE-2015-912 openSUSE-2016-46
openSUSE Leap 15.0	`chromium >= 66.0.3359.170-lp150.1.1`	Patchnames: openSUSE Leap 15.0 GA chromium
openSUSE Leap 42.1	`chromedriver >= 47.0.2526.80-7.1` `chromedriver-debuginfo >= 47.0.2526.80-7.1` `chromium >= 47.0.2526.80-7.1` `chromium-debuginfo >= 47.0.2526.80-7.1` `chromium-debugsource >= 47.0.2526.80-7.1` `chromium-desktop-gnome >= 47.0.2526.80-7.1` `chromium-desktop-kde >= 47.0.2526.80-7.1` `chromium-ffmpegsumo >= 47.0.2526.80-7.1` `chromium-ffmpegsumo-debuginfo >= 47.0.2526.80-7.1` `nodejs >= 4.2.4-15.1` `nodejs-debuginfo >= 4.2.4-15.1` `nodejs-debugsource >= 4.2.4-15.1` `nodejs-devel >= 4.2.4-15.1` `nodejs-doc >= 4.2.4-9.1` `nodejs-docs >= 4.2.4-15.1` `npm >= 4.2.4-15.1`	Patchnames: openSUSE-2015-912 openSUSE-2016-46
openSUSE Tumbleweed	`chromedriver >= 55.0.2883.75-3.1` `chromium >= 55.0.2883.75-3.1`	Patchnames: openSUSE Tumbleweed GA chromedriver

CVE-2015-6764

Common Vulnerabilities and Exposures

Upstream information

Description

SUSE information

List of released packages

Supportangebote

SUSE Global Services

Supportressourcen

Partner

Communities

Info