CVE-2015-8479

EUVD-2015-8360
Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio/audio_output_device.cc in Google Chrome before 47.0.2526.73 allows attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering access to an unauthorized audio output device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
googlechrome
𝑥
≤ 46.0.2490.86
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
precise
ignored
trusty
Fixed 47.0.2526.73-0ubuntu0.14.04.1.1106
released
vivid
Fixed 47.0.2526.73-0ubuntu0.15.04.1.1190
released
wily
Fixed 47.0.2526.73-0ubuntu0.15.10.1.1215
released
oxide-qt
precise
dne
trusty
Fixed 1.11.3-0ubuntu0.14.04.1
released
vivid
Fixed 1.11.3-0ubuntu0.15.04.1
released
wily
Fixed 1.11.3-0ubuntu0.15.10.1
released
Common Weakness Enumeration
References
http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html
https://code.google.com/p/chromium/issues/detail?id=535605
http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html
https://code.google.com/p/chromium/issues/detail?id=535605