Endpoint Vulnerability

Use-after-free when textures are used in WebGL operations after recycle pool destruction


Mozilla community member jomo reported a use-after-free crash when processing WebGL content. This issue was caused by the use of a texture after its recycle pool has been destroyed during WebGL operations, which frees the memory associated with the texture. This results in a potentially exploitable crash when the texture is later called.

Affected Products

Firefox ESR