Red Hat Bugzilla – Bug 1252277
CVE-2015-4477 Mozilla: Use-after-free in MediaStream playback (MFSA 2015-81)
Last modified: 2016-03-04 06:43:16 EST
Security researcher SkyLined reported a use-after-free issue in how audio is handled through the Web Audio API during MediaStream playback through interactions with the Web Audio API. This results in a potentially exploitable crash.
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges SkyLined as the original reporter.
This issue does not affect the version of firefox and thunderbird as shipped with Red Hat Enterprise Linux 5, 6 and 7.