A double-free could have occurred in vpx_codec_enc_init_multi
after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 139 and Thunderbird < 128.11.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Ubuntu | focal | * |
Mozjs102 | Ubuntu | esm-apps/noble | * |
Mozjs102 | Ubuntu | jammy | * |
Mozjs102 | Ubuntu | noble | * |
Mozjs115 | Ubuntu | devel | * |
Mozjs115 | Ubuntu | noble | * |
Mozjs115 | Ubuntu | oracular | * |
Mozjs115 | Ubuntu | plucky | * |
Mozjs52 | Ubuntu | esm-apps/focal | * |
Mozjs52 | Ubuntu | esm-infra/bionic | * |
Mozjs52 | Ubuntu | focal | * |
Mozjs68 | Ubuntu | esm-infra/focal | * |
Mozjs68 | Ubuntu | focal | * |
Mozjs78 | Ubuntu | esm-apps/jammy | * |
Mozjs78 | Ubuntu | jammy | * |
Mozjs91 | Ubuntu | jammy | * |
Thunderbird | Ubuntu | focal | * |