Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/#CVE-2021-23960
Acknowledgments: Name: the Mozilla project Upstream: Irvan Kurniawan
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:0285 https://access.redhat.com/errata/RHSA-2021:0285
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:0288 https://access.redhat.com/errata/RHSA-2021:0288
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:0289 https://access.redhat.com/errata/RHSA-2021:0289
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:0290 https://access.redhat.com/errata/RHSA-2021:0290
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-23960
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:0297 https://access.redhat.com/errata/RHSA-2021:0297
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:0298 https://access.redhat.com/errata/RHSA-2021:0298
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:0299 https://access.redhat.com/errata/RHSA-2021:0299
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:0397 https://access.redhat.com/errata/RHSA-2021:0397