UBUNTU-CVE-2016-1678

Advisory lineage Upstream: 1 Downstream: 1
Upstream
CVE-2016-1678
Downstream
USN-2992-1
Published: 31 May 2016, 00:00
Last modified:22 Apr 2026, 10:33

Vulnerability Summary

Overall Risk (default)
medium
35/100
CVSS Score
8.8 HIGH
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

31 May 2016, 00:00
Published
Vulnerability first disclosed
22 Apr 2026, 10:33
Last Modified
Vulnerability information updated

Description

objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

CVSS Metrics

  • v3.0HIGHScore: 8.8CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Systems

  • ubuntuchromium-browser

    < 51.0.2704.79-0ubuntu0.14.04.1.1121 | < 51.0.2704.79-0ubuntu0.16.04.1.1242

  • ubuntulibv8-3.14

    all | all

  • ubuntuoxide-qt

    < 1.15.7-0ubuntu0.14.04.1 | < 1.15.7-0ubuntu0.16.04.1

References (4)