Staying alert! – Mozilla Patches Critical Vulnerabilities in Firefox, Firefox ESR (3rd Apr 2020)

Preface: According on 2020 market statistic, FireFox market share only 9.25%. But Chrome has 68.11% coverage. However I like FireFox.

How Firefox’s memory allocator works?

Firefox uses a memory allocator called moz jemalloc. There are two properties which focus by cyber security expert so far!

[PSJ] – In essence, a chunk is broken into several runs.

– Each run holds regions of a specific size. [TSOF]

– The feature of jemalloc is that it operates in a last-in-first-out (LIFO) manner, a free followed by a garbage collection and a subsequent allocation request for the same size, most likely ends up in the freed region.

Vulnerability details: CVE-2020-6819 is a use-after-free vulnerability due to a race condition when the nsDocShell destructor is running. CVE-2020-6820 is a use-after-free vulnerability due to a race condition in the ReadableStream class, which is used to read a stream of data.

Official announcement – https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.