When `flex-basis` was used on a table wrapper, a `StyleGenericFlexBasis` object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-26974
Acknowledgments: Name: the Mozilla project Upstream: Pham Bao (VinCSS - Member of Vingroup)
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:5564 https://access.redhat.com/errata/RHSA-2020:5564
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:5562 https://access.redhat.com/errata/RHSA-2020:5562
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2020:5563 https://access.redhat.com/errata/RHSA-2020:5563
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:5565 https://access.redhat.com/errata/RHSA-2020:5565
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:5561 https://access.redhat.com/errata/RHSA-2020:5561
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-26974
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:5618 https://access.redhat.com/errata/RHSA-2020:5618
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2020:5622 https://access.redhat.com/errata/RHSA-2020:5622
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:5624 https://access.redhat.com/errata/RHSA-2020:5624
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:5644 https://access.redhat.com/errata/RHSA-2020:5644
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:5645 https://access.redhat.com/errata/RHSA-2020:5645