CVE-2016-1669 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-1669 Interim 1 22 2023-12-09T01:20:48Z current 2021-05-30T13:38:20Z 2023-12-09T01:20:48Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-1669 The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WDDD4PCP6CVZ6BOQS5YXDY2PFMZL6EBE/#WDDD4PCP6CVZ6BOQS5YXDY2PFMZL6EBE E-Mail link for openSUSE-SU-2016:1304-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J6346OVIZQCTBZ5PMW4HU6JSRQEWRJHW/#J6346OVIZQCTBZ5PMW4HU6JSRQEWRJHW E-Mail link for openSUSE-SU-2016:1319-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N7HVHZWKHOVS56BYIVYBXZJ3DGHBHUJK/#N7HVHZWKHOVS56BYIVYBXZJ3DGHBHUJK E-Mail link for openSUSE-SU-2016:1655-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZBUNI7MQOGTTK5V6ZEUBGZKAQMZP6XAR/#ZBUNI7MQOGTTK5V6ZEUBGZKAQMZP6XAR E-Mail link for openSUSE-SU-2016:2496-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE Linux Enterprise Module for Web and Scripting 12 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 openSUSE Leap 15.0 openSUSE Leap 15.2 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed chromedriver-55.0.2883.75-3.1 chromium-101.0.4951.64-bp154.1.2 chromium-55.0.2883.75-3.1 chromium-66.0.3359.170-lp150.1.1 chromium-83.0.4103.97-lp152.1.1 chromium-90.0.4430.212-bp153.1.1 nodejs4 nodejs4-4.7.0-1.1 nodejs4-devel nodejs4-devel-4.7.0-1.1 nodejs4-docs nodejs4-docs-4.7.0-1.1 nodejs6 nodejs6-devel nodejs6-docs npm4 npm4-4.7.0-1.1 npm6 ungoogled-chromium-113.0.5672.92-1.1 ungoogled-chromium-chromedriver-113.0.5672.92-1.1 chromium-66.0.3359.170-lp150.1.1 as a component of openSUSE Leap 15.0 chromium-83.0.4103.97-lp152.1.1 as a component of openSUSE Leap 15.2 chromium-90.0.4430.212-bp153.1.1 as a component of openSUSE Leap 15.3 chromium-101.0.4951.64-bp154.1.2 as a component of openSUSE Leap 15.4 chromedriver-55.0.2883.75-3.1 as a component of openSUSE Tumbleweed chromium-55.0.2883.75-3.1 as a component of openSUSE Tumbleweed nodejs4-4.7.0-1.1 as a component of openSUSE Tumbleweed nodejs4-devel-4.7.0-1.1 as a component of openSUSE Tumbleweed nodejs4-docs-4.7.0-1.1 as a component of openSUSE Tumbleweed npm4-4.7.0-1.1 as a component of openSUSE Tumbleweed ungoogled-chromium-113.0.5672.92-1.1 as a component of openSUSE Tumbleweed ungoogled-chromium-chromedriver-113.0.5672.92-1.1 as a component of openSUSE Tumbleweed nodejs4 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 nodejs4-devel as a component of SUSE Linux Enterprise Module for Web and Scripting 12 nodejs4-docs as a component of SUSE Linux Enterprise Module for Web and Scripting 12 npm4 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 nodejs6 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 nodejs6-devel as a component of SUSE Linux Enterprise Module for Web and Scripting 12 nodejs6-docs as a component of SUSE Linux Enterprise Module for Web and Scripting 12 npm6 as a component of SUSE Linux Enterprise Module for Web and Scripting 12 nodejs6 as a component of SUSE OpenStack Cloud Crowbar 8 nodejs6 as a component of SUSE OpenStack Cloud Crowbar 9 The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-1669 openSUSE Leap 15.0:chromium-66.0.3359.170-lp150.1.1 openSUSE Leap 15.2:chromium-83.0.4103.97-lp152.1.1 openSUSE Leap 15.3:chromium-90.0.4430.212-bp153.1.1 openSUSE Leap 15.4:chromium-101.0.4951.64-bp154.1.2 openSUSE Tumbleweed:chromedriver-55.0.2883.75-3.1 openSUSE Tumbleweed:chromium-55.0.2883.75-3.1 openSUSE Tumbleweed:nodejs4-4.7.0-1.1 openSUSE Tumbleweed:nodejs4-devel-4.7.0-1.1 openSUSE Tumbleweed:nodejs4-docs-4.7.0-1.1 openSUSE Tumbleweed:npm4-4.7.0-1.1 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4 SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-devel SUSE Linux Enterprise Module for Web and Scripting 12:nodejs4-docs SUSE Linux Enterprise Module for Web and Scripting 12:nodejs6 SUSE Linux Enterprise Module for Web and Scripting 12:nodejs6-devel SUSE Linux Enterprise Module for Web and Scripting 12:nodejs6-docs SUSE Linux Enterprise Module for Web and Scripting 12:npm4 SUSE Linux Enterprise Module for Web and Scripting 12:npm6 SUSE OpenStack Cloud Crowbar 8:nodejs6 SUSE OpenStack Cloud Crowbar 9:nodejs6 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H