UBUNTU-CVE-2015-6581
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 03 Sept 2015, 22:59
Last modified:08 Sept 2025, 16:43
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
03 Sept 2015, 22:59
Published
Vulnerability first disclosed
08 Sept 2025, 16:43
Last Modified
Vulnerability information updated
Description
Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure.
Affected Systems
- ubuntu•chromium-browser
< 45.0.2454.85-0ubuntu0.14.04.1.1097
References (6)
- https://ubuntu.com/security/CVE-2015-6581
- http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
- https://code.google.com/p/openjpeg/issues/detail?id=492
- https://code.google.com/p/chromium/issues/detail?id=526825
- https://code.google.com/p/chromium/issues/detail?id=486538
- https://www.cve.org/CVERecord?id=CVE-2015-6581