A security issue has been found in Firefox before version 95 and Thunderbird before version 91.4.0. Failure to correctly record the location of live pointers across wasm instance calls resulted in a garbage collection occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash.
A security issue has been found in Firefox before version 95 and Thunderbird before version 91.4.0. Failure to correctly record the location of live pointers across wasm instance calls resulted in a garbage collection occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash.
https://www.mozilla.org/security/advisories/mfsa2021-52/ https://www.mozilla.org/security/advisories/mfsa2021-54/ https://bugzilla.mozilla.org/show_bug.cgi?id=1739683