PT-2022-6964 · Mozilla+3 · Firefox+3

Timothy Nikkel

Published

2022-10-18

Updated

2024-03-13

CVE-2022-46884

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 106

Description A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have led to memory corruption or a potentially exploitable crash.

Recommendations For Firefox versions prior to 106, update to Firefox 106 or later to resolve the issue. As a temporary workaround, consider avoiding the use of SVG images in Firefox until the update is applied.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2023-5754

ALT-PU-2023-6436

ALT-PU-2024-3614

BDU:2023-05886

CVE-2022-46884

Affected Products

Alt Linux

Astra Linux

Firefox

Red Os

PT-2022-6964 · Mozilla+3 · Firefox+3

CVE-2022-46884

Weakness Enumeration

Related Identifiers

Affected Products

References · 23