CVE-2014-7938

Upstream information

CVE-2014-7938 at MITRE

Description

The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

---

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

CVSS v2 Scores

	National Vulnerability Database
Base Score	7.5
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	Partial
Integrity Impact	Partial
Availability Impact	Partial

SUSE Bugzilla entry: 914468 [RESOLVED / FIXED]

SUSE Security Advisories:

• openSUSE-SU-2015:0441-1, published Fri, 6 Mar 2015 13:04:51 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Leap 15.0	chromium >= 66.0.3359.170-lp150.1.1	Patchnames: openSUSE Leap 15.0 GA chromium-66.0.3359.170-lp150.1.1
openSUSE Tumbleweed	chromedriver >= 55.0.2883.75-3.1 chromium >= 55.0.2883.75-3.1	Patchnames: openSUSE Tumbleweed GA chromedriver-55.0.2883.75-3.1