Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-3154

Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown.

Published

2014-06-11T10:57:18.487

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	google	chrome	≤ 35.0.1916.152	Yes
Application	google	chrome	35.0.1916.0	Yes
Application	google	chrome	35.0.1916.1	Yes
Application	google	chrome	35.0.1916.2	Yes
Application	google	chrome	35.0.1916.3	Yes
Application	google	chrome	35.0.1916.4	Yes
Application	google	chrome	35.0.1916.5	Yes
Application	google	chrome	35.0.1916.6	Yes
Application	google	chrome	35.0.1916.7	Yes
Application	google	chrome	35.0.1916.8	Yes
Application	google	chrome	35.0.1916.9	Yes
Application	google	chrome	35.0.1916.10	Yes
Application	google	chrome	35.0.1916.11	Yes
Application	google	chrome	35.0.1916.13	Yes
Application	google	chrome	35.0.1916.14	Yes
Application	google	chrome	35.0.1916.15	Yes
Application	google	chrome	35.0.1916.17	Yes
Application	google	chrome	35.0.1916.18	Yes
Application	google	chrome	35.0.1916.19	Yes
Application	google	chrome	35.0.1916.20	Yes
Application	google	chrome	35.0.1916.21	Yes
Application	google	chrome	35.0.1916.22	Yes
Application	google	chrome	35.0.1916.23	Yes
Application	google	chrome	35.0.1916.27	Yes
Application	google	chrome	35.0.1916.31	Yes
Application	google	chrome	35.0.1916.32	Yes
Application	google	chrome	35.0.1916.33	Yes
Application	google	chrome	35.0.1916.34	Yes
Application	google	chrome	35.0.1916.35	Yes
Application	google	chrome	35.0.1916.36	Yes
Application	google	chrome	35.0.1916.37	Yes
Application	google	chrome	35.0.1916.38	Yes
Application	google	chrome	35.0.1916.39	Yes
Application	google	chrome	35.0.1916.40	Yes
Application	google	chrome	35.0.1916.41	Yes
Application	google	chrome	35.0.1916.42	Yes
Application	google	chrome	35.0.1916.43	Yes
Application	google	chrome	35.0.1916.44	Yes
Application	google	chrome	35.0.1916.45	Yes
Application	google	chrome	35.0.1916.46	Yes
Application	google	chrome	35.0.1916.47	Yes
Application	google	chrome	35.0.1916.48	Yes
Application	google	chrome	35.0.1916.49	Yes
Application	google	chrome	35.0.1916.51	Yes
Application	google	chrome	35.0.1916.52	Yes
Application	google	chrome	35.0.1916.54	Yes
Application	google	chrome	35.0.1916.56	Yes
Application	google	chrome	35.0.1916.57	Yes
Application	google	chrome	35.0.1916.59	Yes
Application	google	chrome	35.0.1916.61	Yes
Application	google	chrome	35.0.1916.68	Yes
Application	google	chrome	35.0.1916.69	Yes
Application	google	chrome	35.0.1916.71	Yes
Application	google	chrome	35.0.1916.72	Yes
Application	google	chrome	35.0.1916.74	Yes
Application	google	chrome	35.0.1916.77	Yes
Application	google	chrome	35.0.1916.80	Yes
Application	google	chrome	35.0.1916.82	Yes
Application	google	chrome	35.0.1916.84	Yes
Application	google	chrome	35.0.1916.85	Yes
Application	google	chrome	35.0.1916.86	Yes
Application	google	chrome	35.0.1916.88	Yes
Application	google	chrome	35.0.1916.90	Yes
Application	google	chrome	35.0.1916.92	Yes
Application	google	chrome	35.0.1916.93	Yes
Application	google	chrome	35.0.1916.95	Yes
Application	google	chrome	35.0.1916.96	Yes
Application	google	chrome	35.0.1916.98	Yes
Application	google	chrome	35.0.1916.99	Yes
Application	google	chrome	35.0.1916.101	Yes
Application	google	chrome	35.0.1916.103	Yes
Application	google	chrome	35.0.1916.104	Yes
Application	google	chrome	35.0.1916.105	Yes
Application	google	chrome	35.0.1916.106	Yes
Application	google	chrome	35.0.1916.107	Yes
Application	google	chrome	35.0.1916.108	Yes
Application	google	chrome	35.0.1916.109	Yes
Application	google	chrome	35.0.1916.110	Yes
Application	google	chrome	35.0.1916.111	Yes
Application	google	chrome	35.0.1916.112	Yes
Application	google	chrome	35.0.1916.113	Yes
Application	google	chrome	35.0.1916.114	Yes
Application	google	chrome	35.0.1916.115	Yes
Application	google	chrome	35.0.1916.116	Yes
Application	google	chrome	35.0.1916.117	Yes
Application	google	chrome	35.0.1916.118	Yes
Application	google	chrome	35.0.1916.119	Yes
Application	google	chrome	35.0.1916.120	Yes
Application	google	chrome	35.0.1916.121	Yes
Application	google	chrome	35.0.1916.122	Yes
Application	google	chrome	35.0.1916.123	Yes
Application	google	chrome	35.0.1916.124	Yes
Application	google	chrome	35.0.1916.125	Yes
Application	google	chrome	35.0.1916.126	Yes
Application	google	chrome	35.0.1916.127	Yes
Application	google	chrome	35.0.1916.128	Yes
Application	google	chrome	35.0.1916.137	Yes
Application	google	chrome	35.0.1916.138	Yes
Application	google	chrome	35.0.1916.140	Yes
Application	google	chrome	35.0.1916.141	Yes
Application	google	chrome	35.0.1916.142	Yes
Application	google	chrome	35.0.1916.149	Yes
Application	google	chrome	35.0.1916.150	Yes
Application	google	chrome	35.0.1916.151	Yes

References

http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html ([email protected])
http://secunia.com/advisories/58585 ([email protected])
http://secunia.com/advisories/59090 ([email protected])
http://secunia.com/advisories/60061 ([email protected])
http://secunia.com/advisories/60372 ([email protected])
http://security.gentoo.org/glsa/glsa-201408-16.xml ([email protected])
http://www.debian.org/security/2014/dsa-2959 ([email protected])
http://www.securityfocus.com/bid/67977 ([email protected])
https://code.google.com/p/chromium/issues/detail?id=369525 ([email protected])
https://src.chromium.org/viewvc/blink?revision=173620&view=revision ([email protected])
https://src.chromium.org/viewvc/chrome?revision=269345&view=revision ([email protected])
http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/58585 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59090 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60061 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60372 (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201408-16.xml (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2014/dsa-2959 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/67977 (af854a3a-2127-422b-91ae-364da2661108)
https://code.google.com/p/chromium/issues/detail?id=369525 (af854a3a-2127-422b-91ae-364da2661108)
https://src.chromium.org/viewvc/blink?revision=173620&view=revision (af854a3a-2127-422b-91ae-364da2661108)
https://src.chromium.org/viewvc/chrome?revision=269345&view=revision (af854a3a-2127-422b-91ae-364da2661108)