CVE-2016-5200
Publication date 11 November 2016
Last updated 25 August 2025
Ubuntu priority
Description
V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| chromium-browser | ||
| 18.04 LTS bionic |
Fixed 55.0.2883.87-0ubuntu1
|
|
| 16.04 LTS xenial |
Fixed 55.0.2883.87-0ubuntu0.16.04.1263
|
|
| 14.04 LTS trusty |
Fixed 58.0.3029.81-0ubuntu0.14.04.1172
|
|
| libv8 | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| libv8-3.14 | ||
| 18.04 LTS bionic | Ignored end of standard support | |
| 16.04 LTS xenial | Ignored end of standard support | |
| 14.04 LTS trusty | Not in release | |
| oxide-qt | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial |
Fixed 1.18.5-0ubuntu0.16.04.1
|
|
| 14.04 LTS trusty |
Fixed 1.18.5-0ubuntu0.14.04.1
|
|
Notes
Severity score breakdown
CVSS version: CVSS v3.0
Base score
8.8 · High
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
Related Ubuntu Security Notices (USN)
- USN-3133-1
- Oxide vulnerabilities
- 1 December 2016