Hide Forgot
A use-after-free vulnerability can occur when driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12377
Acknowledgments: Name: the Mozilla project Upstream: Nils
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2692
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:2693
Statement: This flaw cannot be exploited through email in Thunderbird as scripting is disabled in this for email content. It may be possible to exploit through Feeds (Atom or RSS) or other browser-like contexts.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3403
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3458 https://access.redhat.com/errata/RHSA-2018:3458