CVE-2023-25747

Summary

A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox for Android < 110.1.0.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox for Androidunspecified < 110.1.0affected

Weaknesses

  • Potential use-after-free in libaudio when used on Android API <= 30

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References