Skia Use-After-Free Vulnerability in SkMatrix::invertNonIdentity Function

Skia Use-After-Free Vulnerability in SkMatrix::invertNonIdentity Function

CVE-2015-1294 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering the use of matrix elements that lead to an infinite result during an inversion calculation.

Learn more about our Cis Benchmark Audit For Google Chrome.