CVE-2020-12416

Summary

A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 78affected

Weaknesses

  • Use-after-free in WebRTC VideoBroadcaster

ADP Enrichment

CVE Program Container

Additional References

References