When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11757
Acknowledgments: Name: the Mozilla project Upstream: Zhanjia Song
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:3193 https://access.redhat.com/errata/RHSA-2019:3193
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:3196 https://access.redhat.com/errata/RHSA-2019:3196
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-11757
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:3210 https://access.redhat.com/errata/RHSA-2019:3210
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:3237 https://access.redhat.com/errata/RHSA-2019:3237
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:3281 https://access.redhat.com/errata/RHSA-2019:3281
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:3756 https://access.redhat.com/errata/RHSA-2019:3756