CVE-2016-5202

browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
googlechrome
𝑥
< 54.0.2840.98
googlechrome
𝑥
< 54.0.2840.99
googlechrome
𝑥
< 54.0.2840.100
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
zesty
Fixed 55.0.2883.87-0ubuntu1
released
yakkety
Fixed 55.0.2883.87-0ubuntu0.16.10.1328
released
xenial
Fixed 55.0.2883.87-0ubuntu0.16.04.1263
released
trusty
Fixed 58.0.3029.81-0ubuntu0.14.04.1172
released
precise
ignored
oxide-qt
zesty
Fixed 1.19.6-0ubuntu2
released
yakkety
Fixed 1.18.5-0ubuntu0.16.10.1
released
xenial
Fixed 1.18.5-0ubuntu0.16.04.1
released
trusty
Fixed 1.18.5-0ubuntu0.14.04.1
released
precise
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00029.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5202
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5202
https://security-tracker.debian.org/tracker/CVE-2016-5202
http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00029.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5202
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5202
https://security-tracker.debian.org/tracker/CVE-2016-5202