Published: 27/08/2014 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome prior to 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote malicious users to cause a denial of service (read of uninitialized memory) via crafted API calls.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome 37.0.2062.49
google chrome 37.0.2062.60
google chrome 37.0.2062.44
google chrome 37.0.2062.31
google chrome 37.0.2062.11
google chrome 37.0.2062.51
google chrome 37.0.2062.76
google chrome 37.0.2062.28
google chrome 37.0.2062.48
google chrome 37.0.2062.78
google chrome 37.0.2062.14
google chrome 37.0.2062.16
google chrome 37.0.2062.35
google chrome 37.0.2062.69
google chrome 37.0.2062.25
google chrome 37.0.2062.4
google chrome 37.0.2062.36
google chrome 37.0.2062.59
google chrome 37.0.2062.81
google chrome 37.0.2062.73
google chrome 37.0.2062.67
google chrome 37.0.2062.77
google chrome 37.0.2062.9
google chrome 37.0.2062.3
google chrome 37.0.2062.5
google chrome 37.0.2062.33
google chrome 37.0.2062.29
google chrome 37.0.2062.0
google chrome 37.0.2062.19
google chrome 37.0.2062.10
google chrome 37.0.2062.23
google chrome 37.0.2062.54
google chrome 37.0.2062.22
google chrome 37.0.2062.17
google chrome 37.0.2062.46
google chrome 37.0.2062.61
google chrome 37.0.2062.58
google chrome 37.0.2062.64
google chrome 37.0.2062.8
google chrome 37.0.2062.30
google chrome 37.0.2062.7
google chrome 37.0.2062.57
google chrome 37.0.2062.68
google chrome 37.0.2062.62
google chrome 37.0.2062.70
google chrome 37.0.2062.2
google chrome 37.0.2062.20
google chrome 37.0.2062.63
google chrome 37.0.2062.50
google chrome 37.0.2062.52
google chrome 37.0.2062.75
google chrome 37.0.2062.53
google chrome 37.0.2062.26
google chrome 37.0.2062.72
google chrome 37.0.2062.15
google chrome 37.0.2062.92
google chrome 37.0.2062.56
google chrome 37.0.2062.43
google chrome 37.0.2062.6
google chrome 37.0.2062.37
google chrome 37.0.2062.71
google chrome 37.0.2062.90
google chrome 37.0.2062.18
google chrome 37.0.2062.39
google chrome 37.0.2062.24
google chrome 37.0.2062.32
google chrome
google chrome 37.0.2062.80
google chrome 37.0.2062.47
google chrome 37.0.2062.45
google chrome 37.0.2062.55
google chrome 37.0.2062.12
google chrome 37.0.2062.89
google chrome 37.0.2062.66
google chrome 37.0.2062.34
google chrome 37.0.2062.13
google chrome 37.0.2062.21
google chrome 37.0.2062.74
google chrome 37.0.2062.91
google chrome 37.0.2062.27
google chrome 37.0.2062.65
google chrome 37.0.2062.1

Several security issues were fixed in Oxide ...

CWE-119 https://src.chromium.org/viewvc/blink?revision=177250&view=revision http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html http://secunia.com/advisories/60424 http://secunia.com/advisories/61482 http://security.gentoo.org/glsa/glsa-201408-16.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/95474 http://www.securityfocus.com/bid/69407 https://crbug.com/389219 http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html http://secunia.com/advisories/60268 http://www.securitytracker.com/id/1030767 http://www.debian.org/security/2014/dsa-3039 https://usn.ubuntu.com/2326-1/https://nvd.nist.gov

Get Started

CVE-2014-3174

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect