An out-of-bounds read has been found in Firefox before 74. The inputs to sctp_load_addresses_from_init are verified by sctp_arethere_unrecognized_parameters; however, the two functions handled parameter bounds differently, resulting in out of bounds reads when parameters are partially outside a chunk.
An out-of-bounds read has been found in Firefox before 74. The inputs to sctp_load_addresses_from_init are verified by sctp_arethere_unrecognized_parameters; however, the two functions handled parameter bounds differently, resulting in out of bounds reads when parameters are partially outside a chunk.
https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2019-20503 https://bugzilla.mozilla.org/show_bug.cgi?id=1613765