Use-after-free vulnerability in StyleResolver::appendCSSStyleSheet function in Blink

Use-after-free vulnerability in StyleResolver::appendCSSStyleSheet function in Blink

CVE-2016-1634 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that triggers Cascading Style Sheets (CSS) style invalidation during a certain subtree-removal action.

Learn more about our Cis Benchmark Audit For Google Chrome.