CVE-2022-34480

Summary

Within the <code>lg_init()</code> function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 102affected

Weaknesses

  • Free of uninitialized pointer in lg_init

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References