DescriptionThe DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which the default orientation cannot be used.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- openSUSE-SU-2015:0505-1, published Mon, 16 Mar 2015 16:05:28 +0100 (CET)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE 13.1|| ||Patchnames:
|openSUSE Leap 15.0|| ||Patchnames:
openSUSE Leap 15.0 GA chromium
|openSUSE Tumbleweed|| ||Patchnames:
openSUSE Tumbleweed GA chromedriver