A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/#CVE-2017-7793
Acknowledgments: Name: the Mozilla project Upstream: Abhishek Arya
Public now via upstream advisories: https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/ https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:2831 https://access.redhat.com/errata/RHSA-2017:2831
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:2885 https://access.redhat.com/errata/RHSA-2017:2885