Main Vulnerability Database Vulnerabilities #VU41374

Buffer overflow in Google Chrome - CVE-2014-3174

Published: August 27, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41374

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2014-3174

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Chrome

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls.

How to mitigate CVE-2014-3174

Install update from vendor's website.

Buffer overflow in Google Chrome - CVE-2014-3174

Detailed vulnerability description

How to mitigate CVE-2014-3174

Sources

Please verify you're human