Bug 1635293 Comment 0 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

The Chrome team has taken a fix from ANGLE to patch a UAF. The patch applies to our source and isn't is one the parts I know we don't use so it probably affects Firefox, too. "Reported by Pawel Wylecial of REDTEAM.PL on 2020-03-26" according to their stable release notes.

Chrome bug (hidden): https://bugs.chromium.org/p/chromium/issues/detail?id=1065186
Patch: 
https://chromium.googlesource.com/angle/angle/+/91c39dae9a518706f2635ac8b87f9f5b5ed9001c

Chrome has assigned CVE-2020-6463
The Chrome team has taken a fix from ANGLE to patch a UAF. The patch applies to our source and isn't is one the parts I know we don't use so it probably affects Firefox, too. "Reported by Pawel Wylecial of REDTEAM.PL on 2020-03-26" according to their stable release notes.

Chrome bug (hidden): https://bugs.chromium.org/p/chromium/issues/detail?id=1065186
Patch: 
https://chromium.googlesource.com/angle/angle/+/91c39dae9a518706f2635ac8b87f9f5b5ed9001c

Chrome has assigned CVE-2020-6463

[reference: https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html]

Back to Bug 1635293 Comment 0