CVE-2017-5114
Publication date 27 October 2017
Last updated 25 August 2025
Ubuntu priority
Description
Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| chromium-browser | ||
| 18.04 LTS bionic |
Fixed 61.0.3163.100-0ubuntu1.1378
|
|
| 16.04 LTS xenial |
Fixed 61.0.3163.100-0ubuntu0.16.04.1306
|
|
| 14.04 LTS trusty |
Fixed 61.0.3163.100-0ubuntu0.14.04.1202
|
|
| oxide-qt | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Ignored end of standard support | |
| 14.04 LTS trusty | Not in release |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
8.8 · High
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |