CVE-2017-7757

A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

Weakness

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory “belongs” to the code that operates on the new pointer.

Affected Software

Name	Vendor	Start Version	End Version
Firefox	Mozilla	*	52.2.0 (excluding)
Firefox	Mozilla	*	54.0 (excluding)
Thunderbird	Mozilla	*	52.2.0 (excluding)
Red Hat Enterprise Linux 6	RedHat	firefox-0:52.2.0-1.el6_9	*
Red Hat Enterprise Linux 6	RedHat	thunderbird-0:52.2.0-1.el6_9	*
Red Hat Enterprise Linux 7	RedHat	firefox-0:52.2.0-1.el7_3	*
Red Hat Enterprise Linux 7	RedHat	thunderbird-0:52.2.0-1.el7_3	*
Firefox	Ubuntu	devel	*
Firefox	Ubuntu	trusty	*
Firefox	Ubuntu	upstream	*
Firefox	Ubuntu	xenial	*
Firefox	Ubuntu	yakkety	*
Firefox	Ubuntu	zesty	*
Thunderbird	Ubuntu	devel	*
Thunderbird	Ubuntu	trusty	*
Thunderbird	Ubuntu	upstream	*
Thunderbird	Ubuntu	xenial	*
Thunderbird	Ubuntu	yakkety	*
Thunderbird	Ubuntu	zesty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7757
CWE	https://cwe.mitre.org/data/definitions/416.html

Use After Free

Weakness

Affected Software

Potential Mitigations

References