Headline
CVE-2023-25747: Security Vulnerabilities fixed in Firefox for Android 110.1.0
A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox for Android < 110.1.0.
Mozilla Foundation Security Advisory 2023-08
Announced
February 28, 2023
Impact
high
Products
Firefox for Android
Fixed in
- Firefox for Android 110.1
#CVE-2023-25747: Potential use-after-free in libaudio when used on Android API <= 30
Reporter
Chris Peterson
Impact
high
Description
A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30.
This bug only affects Firefox for Android. Other versions of Firefox are unaffected.
References
- Bug 1815801