Endpoint Vulnerability

Use-after-free due to Media Decoder Thread creation during shutdown

Description

Security researchers Tyson Smith and Jesse Schwartzentruber reported a use-after-free during the shutdown process. This was caused by a race condition when media decoder threads are created during the shutdown process in some circumstances. This leads to a potentially exploitable crash when triggered.

Affected Products

Firefox

References

CVE-2015-2715,