The Chrome team has taken a fix from ANGLE to patch a UAF. The patch applies to our source and isn't is one the parts I know we don't use so it probably affects Firefox, too. "Reported by Pawel Wylecial of REDTEAM.PL on 2020-03-26" according to their stable release notes. Chrome bug (hidden): https://bugs.chromium.org/p/chromium/issues/detail?id=1065186 Patch: https://chromium.googlesource.com/angle/angle/+/91c39dae9a518706f2635ac8b87f9f5b5ed9001c Chrome has assigned CVE-2020-6463
Bug 1635293 Comment 0 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
The Chrome team has taken a fix from ANGLE to patch a UAF. The patch applies to our source and isn't is one the parts I know we don't use so it probably affects Firefox, too. "Reported by Pawel Wylecial of REDTEAM.PL on 2020-03-26" according to their stable release notes. Chrome bug (hidden): https://bugs.chromium.org/p/chromium/issues/detail?id=1065186 Patch: https://chromium.googlesource.com/angle/angle/+/91c39dae9a518706f2635ac8b87f9f5b5ed9001c Chrome has assigned CVE-2020-6463 [reference: https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html]