A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/#CVE-2018-5129
Acknowledgments: Name: the Mozilla project Upstream: James Grant
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:0526 https://access.redhat.com/errata/RHSA-2018:0526
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:0527 https://access.redhat.com/errata/RHSA-2018:0527
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:0648 https://access.redhat.com/errata/RHSA-2018:0648
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:0647 https://access.redhat.com/errata/RHSA-2018:0647