Security Vulnerabilities fixed in Firefox 84.0.2, Firefox for Android 84.1.3, and Firefox ESR 78.6.1

2021-01-06T00:00:00
ID MFSA2021-01
Type mozilla
Reporter Mozilla Foundation
Modified 2021-01-06T00:00:00

Description

A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run arbitrary code.