Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-1646

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://googlechromerel...
CONFIRM: https://code.google.co...
CONFIRM: https://codereview.chr...
DEBIAN: DSA-3531
UBUNTU: USN-2955-1
SUSE: openSUSE-SU-2016:1059
GENTOO: GLSA-201605-02
REDHAT: RHSA-2016:0525
SUSE: openSUSE-SU-2016:0929
SUSE: openSUSE-SU-2016:0930
SECTRACK: 1035423

Launchpad.net

CVE 2016-1646

Related bugs

References