In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox < 118.
En la representación del lienzo, un proceso de contenido comprometido podría haber provocado que una superficie cambiara inesperadamente, lo que habría provocado una pérdida de memoria de un proceso privilegiado. Esta pérdida de memoria podría usarse para efectuar un escape de la sandbox si se filtraron los datos correctos. Esta vulnerabilidad afecta a Firefox < 118.
USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Ronald Crane discovered that Firefox did not properly manage memory when non-HTTPS Alternate Services is enabled. An attacker could potentially exploit this issue to cause a denial of service. Clément Lecigne discovered that Firefox did not properly manage memory when handling VP8 media stream. An attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process, resulting in a denial of service, or possibly execute arbitrary code.
