A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126.
{ "binaries": [ { "binary_name": "firefox", "binary_version": "126.0+build2-0ubuntu0.20.04.1" }, { "binary_name": "firefox-dev", "binary_version": "126.0+build2-0ubuntu0.20.04.1" }, { "binary_name": "firefox-geckodriver", "binary_version": "126.0+build2-0ubuntu0.20.04.1" }, { "binary_name": "firefox-mozsymbols", "binary_version": "126.0+build2-0ubuntu0.20.04.1" } ], "availability": "No subscription required" }