Security researcher Abhishek Arya (Inferno) of the Google
Chrome Security Team and Mozilla security developer Gary Kwong
used the Address Sanitizer tool to discover a double-free error when sending a
zero-length XmlHttpRequest (XHR). This was due to errors in memory allocation
when using different memory allocator libraries than jemalloc used
by Mozilla builds. When those other memory allocators are used for build
compilation, this could cause a potentially exploitable crash during some XHR
actions.
This vulnerability does not happen in Firefox as built by Mozilla, but can occur when Firefox is built using a memory allocator that follows older pre-standard behaviors.
Vulmon