Mozilla fixed 32 vulnerabilities, including a critical bug that could have resulted in a crash, with the release Tuesday of Firefox 54, the latest version of its flagship browser.
The critical bug, a use-after-free vulnerability, was dug up by longtime bug hunter Nils. The vulnerability (CVE-2017-5472) existed in the browser’s frameloader. Nils encountered the vulnerability during tree reconstruction while regenerating CSS layout. The researcher discovered that while attempting to access a node in the tree that didn’t exist, he could trigger a potentially exploitable crash.
Leave a reply