Launchpad.net

CVE 2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.

Related bugs and status

CVE-2012-2870 (Candidate) is related to these bugs:

Bug #1084852: Chromium still tries to enable NEON on arm* builds when told not to

		In	Importance	Status
1084852	Chromium still tries to enable NEON on arm* builds when told not to	chromium-browser (Ubuntu)	High	Fix Released
1084852	Chromium still tries to enable NEON on arm* builds when told not to	Chromium Browser	Unknown	Unknown
1084852	Chromium still tries to enable NEON on arm* builds when told not to	chromium-browser (Ubuntu Oneiric)	Medium	Won't Fix
1084852	Chromium still tries to enable NEON on arm* builds when told not to	chromium-browser (Ubuntu Precise)	Medium	Fix Released
1084852	Chromium still tries to enable NEON on arm* builds when told not to	chromium-browser (Ubuntu Quantal)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-2870

Related bugs and status

Related bugs

References