Описание
Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 31.0.1650.63-0ubuntu1~20131204.1 |
| lucid | ignored | end of life |
| precise | released | 31.0.1650.63-0ubuntu0.12.04.1~20131204.1 |
| quantal | released | 31.0.1650.63-0ubuntu0.12.10.1~20131204.1 |
| raring | released | 31.0.1650.63-0ubuntu0.13.04.1~20131204.1 |
| saucy | released | 31.0.1650.63-0ubuntu0.13.10.1~20131204.1 |
| upstream | released | 31.0.1650.48 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call.
Use-after-free vulnerability in the Channel::SendRTCPPacket function i ...
Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call.
EPSS
7.5 High
CVSS2