Описание
After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | released | 1:1snap1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | not-affected | |
| impish | ignored | end of life |
| jammy | released | 1:1snap1-0ubuntu1 |
| kinetic | released | 1:1snap1-0ubuntu1 |
| lunar | released | 1:1snap1-0ubuntu1 |
| trusty | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:91.8.1+build1-0ubuntu0.18.04.1 |
| devel | not-affected | 1:102.3.3+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | released | 1:91.8.1+build1-0ubuntu0.20.04.1 |
| impish | released | 1:91.8.1+build1-0ubuntu0.21.10.1 |
| jammy | not-affected | 1:91.8.0+build2-0ubuntu1 |
| kinetic | not-affected | 1:102.3.3+build1-0ubuntu1 |
| lunar | not-affected | 1:102.3.3+build1-0ubuntu1 |
| trusty | ignored | end of standard support |
Показывать по
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.
After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.
After a VR Process is destroyed, a reference to it may have been retai ...
After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8 and Firefox ESR < 91.8.
Уязвимость веб-браузеров Firefox ESR и почтового клиента Thunderbird, связанная с ошибкой освобождения памяти при обработке HTML-содержимого после уничтожения процесса VR, позволяющая нарушителю выполнить произвольный код
EPSS
6.5 Medium
CVSS3