PT-2023-2010 · Mozilla · Firefox For Android

Chris Peterson · Published 2023-02-28 · Updated 2024-12-11 · CVE-2023-25747

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Firefox for Android versions prior to 110.1.0

Description

A use-after-free vulnerability exists in the libaudio library of Mozilla Firefox for Android. A remote attacker can exploit it using a specially crafted web page, potentially allowing the execution of arbitrary code. The vulnerability is caused by the use of memory after it has been freed.

Recommendations

For Firefox for Android versions prior to 110.1.0, update to version 110.1.0 or later to resolve the issue. As a temporary workaround, consider disabling the AAudio backend when running on Android API below version 30 to minimize the risk of exploitation.

Fix

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2023-01634
CVE-2023-25747

Affected Products

Firefox For Android