|Description||The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 22.214.171.124, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages."|
|Source||CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)|
|NVD severity||high (attack range: remote)|
|Debian/oldstable||packages chromium-browser, libv8 are vulnerable. |
|Debian/stable||package libv8 is vulnerable. |
|Debian/testing||package libv8-3.14 is vulnerable; however, the security impact is unimportant.|
|Debian/unstable||package libv8-3.14 is vulnerable; however, the security impact is unimportant.|
Vulnerable and fixed packages
The table below lists information on source packages.
|chromium-browser (PTS)||squeeze (security), squeeze||6.0.472.63~r59945-5+squeeze6||vulnerable|
|wheezy, wheezy (security)||37.0.2062.120-1~deb7u1||fixed|
|libv8-3.14 (PTS)||jessie, sid||126.96.36.199-8.1||vulnerable|
The information above is based on the following data on fixed versions.
[wheezy] - libv8 <no-dsa> (Minor issue, Chromium in Wheezy uses its own fixed copy)
[squeeze] - libv8 <end-of-life> (Unsupported in squeeze-lts)
libv8 not covered by security support