CVE-2018-5180

Summary

A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox < 60.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 60affected

Weaknesses

  • heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced

ADP Enrichment

CVE Program Container

Additional References

References