CVE-2016-1612

Published: Jan 25, 2016Modified: May 6, 2026

7.6

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

Exploitability: 2.8 / Impact: 4.7

Source: NVD

Description

The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact via crafted JavaScript code.

Affected (1)

Products: Google: Chrome

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Up to 47.0.2526.106

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (26)

http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html

Source: chrome-cve-admin@google.com

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00035.html

Source: chrome-cve-admin@google.com

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00036.html

Source: chrome-cve-admin@google.com

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00046.html

Source: chrome-cve-admin@google.com

http://rhn.redhat.com/errata/RHSA-2016-0072.html

Source: chrome-cve-admin@google.com

http://www.debian.org/security/2016/dsa-3456

Source: chrome-cve-admin@google.com

http://www.securityfocus.com/bid/81431

Source: chrome-cve-admin@google.com

http://www.securitytracker.com/id/1034801

Source: chrome-cve-admin@google.com

http://www.ubuntu.com/usn/USN-2877-1

Source: chrome-cve-admin@google.com

https://chromium.googlesource.com/v8/v8/+/cfbd16172fa165cc33ce0e2e72f74e5561168a61

Source: chrome-cve-admin@google.com

https://code.google.com/p/chromium/issues/detail?id=497632

Source: chrome-cve-admin@google.com

https://codereview.chromium.org/1531583005

Source: chrome-cve-admin@google.com

https://security.gentoo.org/glsa/201603-09

Source: chrome-cve-admin@google.com

http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00035.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00036.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00046.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2016-0072.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2016/dsa-3456

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/81431

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1034801

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-2877-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://chromium.googlesource.com/v8/v8/+/cfbd16172fa165cc33ce0e2e72f74e5561168a61

Source: af854a3a-2127-422b-91ae-364da2661108

https://code.google.com/p/chromium/issues/detail?id=497632

Source: af854a3a-2127-422b-91ae-364da2661108

https://codereview.chromium.org/1531583005

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/201603-09

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.