Mozilla Foundation Security Advisory 2016-67

Stack underflow during 2D graphics rendering

Announced
August 2, 2016
Reporter
Georg Koppen
Impact
High
Products
Firefox, Firefox ESR
Fixed in
  • Firefox 48
  • Firefox ESR 45.3

Description

Georg Koppen of the Tor Project used the Address Sanitizer tool to discover a stack buffer underflow when calculating clipping regions in 2D graphics. This results in a potentially exploitable crash.

References