Back to search
CVE-2014-3174
Published: Aug 27, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://src.chromium.org/viewvc/blink?revision=177250&view=revision
x_refsource_CONFIRM
60424
third-party-advisory
x_refsource_SECUNIA
61482
third-party-advisory
x_refsource_SECUNIA
GLSA-201408-16
vendor-advisory
x_refsource_GENTOO
google-chrome-cve20143174-info-disc(95474)
vdb-entry
x_refsource_XF
69407
vdb-entry
x_refsource_BID
https://crbug.com/389219
x_refsource_CONFIRM
openSUSE-SU-2014:1151
vendor-advisory
x_refsource_SUSE
60268
third-party-advisory
x_refsource_SECUNIA
1030767
vdb-entry
x_refsource_SECTRACK
DSA-3039
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now