Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-7210

Source

Mozilla Foundation Security Advisory 2015-138

Use-after-free in WebRTC when datachannel is used after being destroyed

Announced

December 15, 2015

Reporter

Looben Yang

Impact

Critical

Products

Firefox, Firefox ESR, Firefox OS

Fixed in

Firefox 43
Firefox ESR 38.5
Firefox OS 2.5

Description

Security researcher Looben Yang reported a use-after-free error in WebRTC that occurs due to timing issues in WebRTC when closing channels. WebRTC may still believe is has a datachannel open after another WebRTC function has closed it. This results in attempts to use the now destroyed datachannel, leading to a potentially exploitable crash.

References

UAF due to DataChannelConnection not Destroy()ed before deletion (CVE-2015-7210)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Use-after-free in WebRTC when datachannel is used after being destroyed

Use-after-free in WebRTC when datachannel is used after being destroyed

Description

References

Vulmon Search

About

Products

Connect