PT-2025-49849 · Mozilla+8 · Firefox Esr+9

Igor Morgenstern

Published

2025-01-01

Updated

2026-02-06

CVE-2025-14321

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 140.6

Description A use-after-free issue exists in the WebRTC: Signaling component of the software. This condition may lead to unexpected behavior or potentially allow for arbitrary code execution.

Recommendations Update to Firefox version 146 or later. Update to Firefox ESR version 140.6 or later.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025:23034

ALSA-2025:23035

ALSA-2025:23128

ALSA-2025:23856

ALSA-2026:0025

ALSA-2026:0026

BDU:2025-15643

CVE-2025-14321

DLA-4401-1

DLA-4405-1

DSA-6078-1

DSA-6081-1

MGASA-2025-0328

MGASA-2025-0329

OESA-2026-1085

OESA-2026-1086

OESA-2026-1088

OESA-2026-1089

OESA-2026-1090

OESA-2026-1264

OESA-2026-1285

OPENSUSE-SU-2025:15809-1

OPENSUSE-SU-2025:15813-1

OPENSUSE-SU-2025:15814-1

OPENSUSE-SU-2026:20014-1

OPENSUSE-SU-2026:20046-1

RHSA-2025:23034

RHSA-2025:23035

RHSA-2025:23128

RHSA-2025:23856

RHSA-2026:0003

RHSA-2026:0004

RHSA-2026:0005

RHSA-2026:0006

RHSA-2026:0007

RHSA-2026:0013

RHSA-2026:0014

RHSA-2026:0015

RHSA-2026:0016

RHSA-2026:0017

RHSA-2026:0018

RHSA-2026:0019

RHSA-2026:0020

RHSA-2026:0021

RHSA-2026:0022

RHSA-2026:0023

RHSA-2026:0024

RHSA-2026:0025

RHSA-2026:0026

RHSA-2026:0124

RHSA-2026:0127

SUSE-SU-2025:4396-1

SUSE-SU-2025:4397-1

SUSE-SU-2025:4424-1

SUSE-SU-2026:20031-1

USN-7991-1

Affected Products

Alt Linux

Almalinux

Centos

Debian

Firefox

Firefox Esr

Linuxmint

Red Hat

Rocky Linux

Ubuntu

PT-2025-49849 · Mozilla+8 · Firefox Esr+9

CVE-2025-14321

Weakness Enumeration

Related Identifiers

Affected Products

References · 274