CVE-2014-3152 | Vulnerability Database | Aqua Security

Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a negative key value.

Affected Software

Name	Vendor	Start Version	End Version
Fedora	Fedoraproject	20 (including)	20 (including)
Fedora	Fedoraproject	21 (including)	21 (including)
Fedora	Fedoraproject	22 (including)	22 (including)

References

http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157338.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157357.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157363.html
http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
http://secunia.com/advisories/58920
http://secunia.com/advisories/59155
http://secunia.com/advisories/60372
http://www.debian.org/security/2014/dsa-2939
http://www.securitytracker.com/id/1030270
https://code.google.com/p/chromium/issues/detail?id=358057
https://code.google.com/p/v8/source/detail?r=20363

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-3152
CWE	https://cwe.mitre.org/data/definitions/189.html