Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2016-2828

Source

Mozilla Foundation Security Advisory 2016-56

Use-after-free when textures are used in WebGL operations after recycle pool destruction

Announced

June 7, 2016

Reporter

jomo

Impact

High

Products

Firefox, Firefox ESR

Fixed in

Firefox 47
Firefox ESR 45.2

Description

Mozilla community member jomo reported a use-after-free crash when processing WebGL content. This issue was caused by the use of a texture after its recycle pool has been destroyed during WebGL operations, which frees the memory associated with the texture. This results in a potentially exploitable crash when the texture is later called.

References

Crash when zooming out on a three.js demo (CVE-2016-2828)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Use-after-free when textures are used in WebGL operations after recycle pool destruction

Use-after-free when textures are used in WebGL operations after recycle pool destruction

Description

References

Vulmon Search

About

Products

Connect