Acknowledged
Created: May 17, 2016
Updated: May 29, 2018
Found In Version: unknown
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1663
