Mozilla Foundation Security Advisory 2015-31

Use-after-free when using the Fluendo MP3 GStreamer plugin

Announced
March 31, 2015
Reporter
Aki Helin
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird
Fixed in
  • Firefox 37
  • Firefox ESR 31.6
  • SeaMonkey 2.35
  • Thunderbird 31.6

Description

Security researcher Aki Helin reported a use-after-free when playing certain MP3 format audio files on the web using the Fluendo MP3 plugin for GStreamer on Linux. This is due to a flaw in handling certain MP3 files by the plugin and its interaction with Mozilla code. This can lead to a potentially exploitable crash.

This flaw only affects Linux installations. Windows and OS X users are unaffected by it.

References