{"id":"USN-2955-1","summary":"oxide-qt vulnerabilities","details":"A use-after-free was discovered when responding synchronously to\npermission requests. An attacker could potentially exploit this to cause\na denial of service via application crash, or execute arbitrary code with\nthe privileges of the user invoking the program. (CVE-2016-1578)\n\nAn out-of-bounds read was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash. (CVE-2016-1646)\n\nA use-after-free was discovered in the navigation implementation in\nChromium in some circumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this to\ncause a denial of service via application crash, or execute arbitrary code\nwith the privileges of the user invoking the program. (CVE-2016-1647)\n\nA buffer overflow was discovered in ANGLE. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via application crash, or execute\narbitrary code with the privileges of the user invoking the program.\n(CVE-2016-1649)\n\nAn out-of-bounds write was discovered in V8. If a user were tricked in to\nopening a specially crafted website, an attacker could potentially exploit\nthis to cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed renderer process.\n(CVE-2016-1653)\n\nAn invalid read was discovered in the media subsystem in Chromium. If a\nuser were tricked in to opening a specially crafted website, an attacker\ncould potentially exploit this to cause a denial of service via\napplication crash. (CVE-2016-1654)\n\nIt was discovered that frame removal during callback execution could\ntrigger a use-after-free in Blink. If a user were tricked in to opening\na specially crafted website, an attacker could potentially exploit this\nto cause a denial of service via renderer crash, or execute arbitrary\ncode with the privileges of the sandboxed renderer process.\n(CVE-2016-1655)\n\nMultiple security issues were discovered in Chromium. If a user were\ntricked in to opening a specially crafted website, an attacker could\npotentially exploit these to read uninitialized memory, cause a denial\nof service via application crash or execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2016-1659)\n\nMultiple security issues were discovered in V8. If a user were tricked\nin to opening a specially crafted website, an attacker could potentially\nexploit these to read uninitialized memory, cause a denial of service via\nrenderer crash or execute arbitrary code with the privileges of the\nsandboxed render process. (CVE-2016-3679)\n","modified":"2026-02-10T04:40:58Z","published":"2016-04-27T21:10:46Z","related":["UBUNTU-CVE-2016-1578","UBUNTU-CVE-2016-1646","UBUNTU-CVE-2016-1647","UBUNTU-CVE-2016-1649","UBUNTU-CVE-2016-1653","UBUNTU-CVE-2016-1654","UBUNTU-CVE-2016-1655","UBUNTU-CVE-2016-1659","UBUNTU-CVE-2016-3679"],"upstream":["CVE-2016-1578","CVE-2016-1646","CVE-2016-1647","CVE-2016-1649","CVE-2016-1653","CVE-2016-1654","CVE-2016-1655","CVE-2016-1659","CVE-2016-3679","UBUNTU-CVE-2016-1578","UBUNTU-CVE-2016-1646","UBUNTU-CVE-2016-1647","UBUNTU-CVE-2016-1649","UBUNTU-CVE-2016-1653","UBUNTU-CVE-2016-1654","UBUNTU-CVE-2016-1655","UBUNTU-CVE-2016-1659","UBUNTU-CVE-2016-3679"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2955-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1578"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1646"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1647"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1649"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1653"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1654"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1655"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-1659"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-3679"},{"type":"REPORT","url":"https://launchpad.net/bugs/1561450"}],"affected":[{"package":{"name":"oxide-qt","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/oxide-qt@1.14.7-0ubuntu0.14.04.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.14.7-0ubuntu0.14.04.1"}]}],"versions":["1.0.0~bzr437-0ubuntu1","1.0.0~bzr452-0ubuntu1","1.0.0~bzr475-0ubuntu1","1.0.0~bzr490-0ubuntu1","1.0.0~bzr501-0ubuntu1","1.0.0~bzr501-0ubuntu2","1.0.4-0ubuntu0.14.04.1","1.0.5-0ubuntu0.14.04.1","1.1.2-0ubuntu0.14.04.1","1.2.5-0ubuntu0.14.04.1","1.3.4-0ubuntu0.14.04.1","1.4.2-0ubuntu0.14.04.1","1.4.3-0ubuntu0.14.04.1","1.5.5-0ubuntu0.14.04.3","1.5.6-0ubuntu0.14.04.2","1.6.5-0ubuntu0.14.04.1","1.6.6-0ubuntu0.14.04.1","1.7.8-0ubuntu0.14.04.1","1.7.9-0ubuntu0.14.04.1","1.8.4-0ubuntu0.14.04.2","1.9.1-0ubuntu0.14.04.2","1.9.5-0ubuntu0.14.04.1","1.10.3-0ubuntu0.14.04.1","1.11.3-0ubuntu0.14.04.1","1.11.4-0ubuntu0.14.04.1","1.12.5-0ubuntu0.14.04.1","1.12.6-0ubuntu0.14.04.1","1.12.7-0ubuntu0.14.04.1","1.13.6-0ubuntu0.14.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"liboxideqt-qmlplugin","binary_version":"1.14.7-0ubuntu0.14.04.1"},{"binary_name":"liboxideqtcore-dev","binary_version":"1.14.7-0ubuntu0.14.04.1"},{"binary_name":"liboxideqtcore0","binary_version":"1.14.7-0ubuntu0.14.04.1"},{"binary_name":"liboxideqtquick-dev","binary_version":"1.14.7-0ubuntu0.14.04.1"},{"binary_name":"liboxideqtquick0","binary_version":"1.14.7-0ubuntu0.14.04.1"},{"binary_name":"oxideqmlscene","binary_version":"1.14.7-0ubuntu0.14.04.1"},{"binary_name":"oxideqt-chromedriver","binary_version":"1.14.7-0ubuntu0.14.04.1"},{"binary_name":"oxideqt-codecs","binary_version":"1.14.7-0ubuntu0.14.04.1"},{"binary_name":"oxideqt-codecs-extra","binary_version":"1.14.7-0ubuntu0.14.04.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:14.04:LTS","cves":[{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1578"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1646"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1647"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1649"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1653"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1654"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1655"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1659"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-3679"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2955-1.json"}},{"package":{"name":"oxide-qt","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/oxide-qt@1.14.7-0ubuntu1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.14.7-0ubuntu1"}]}],"versions":["1.9.5-0ubuntu1","1.10.3-0ubuntu0.15.10.1","1.10.3-0ubuntu0.15.10.2","1.11.3-0ubuntu3","1.11.4-0ubuntu1","1.11.5-0ubuntu1","1.12.5-0ubuntu1","1.12.6-0ubuntu1","1.12.7-0ubuntu1","1.13.6-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"liboxideqt-qmlplugin","binary_version":"1.14.7-0ubuntu1"},{"binary_name":"liboxideqtcore-dev","binary_version":"1.14.7-0ubuntu1"},{"binary_name":"liboxideqtcore0","binary_version":"1.14.7-0ubuntu1"},{"binary_name":"liboxideqtquick-dev","binary_version":"1.14.7-0ubuntu1"},{"binary_name":"liboxideqtquick0","binary_version":"1.14.7-0ubuntu1"},{"binary_name":"oxideqt-codecs","binary_version":"1.14.7-0ubuntu1"},{"binary_name":"oxideqt-codecs-extra","binary_version":"1.14.7-0ubuntu1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1578"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1646"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1647"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1649"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1653"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1654"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1655"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-1659"},{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-3679"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2955-1.json"}}],"schema_version":"1.7.3"}