CVE-2020-16044

Опубликовано: 09 фев. 2021

Источник: debian

Описание

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.

Пакеты

Пакет	Статус	Версия исправления	Тип
firefox	fixed	84.0.2-1	package
firefox-esr	fixed	78.6.1esr-1	package
thunderbird	fixed	1:78.6.1-1	package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/#CVE-2020-16044
https://www.mozilla.org/en-US/security/advisories/mfsa2021-02/#CVE-2020-16044

Связанные уязвимости

CVE-2020-16044

CVSS3: 8.8

ubuntu

почти 5 лет назад

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.

CVE-2020-16044

CVSS3: 8.8

redhat

около 5 лет назад

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.

CVE-2020-16044

CVSS3: 8.8

nvd

почти 5 лет назад

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.

CVE-2020-16044

msrc

около 5 лет назад

Chromium CVE-2020-16044: Use after free in WebRTC

openSUSE-SU-2021:0127-1

suse-cvrf

около 5 лет назад

Security update for MozillaThunderbird