750743 – (CVE-2020-15969) [Tracker] usersctp (bundled in Firefox, Chromium): Use-after-free (CVE-2020-15969)

Bug 750743 (CVE-2020-15969) - [Tracker] usersctp (bundled in Firefox, Chromium): Use-after-free (CVE-2020-15969)

Summary: [Tracker] usersctp (bundled in Firefox, Chromium): Use-after-free (CVE-2020-1...

Status:	RESOLVED FIXED

Alias:	CVE-2020-15969

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:	CVE-2020-15967, CVE-2020-15968, CVE-2020-15970, CVE-2020-15971, CVE-2020-15972, CVE-2020-15973, CVE-2020-15974, CVE-2020-15975, CVE-2020-15976, CVE-2020-15977, CVE-2020-15978, CVE-2020-15979, CVE-2020-15980, CVE-2020-15981, CVE-2020-15982, CVE-2020-15983, CVE-2020-15984, CVE-2020-15985, CVE-2020-15986, CVE-2020-15987, CVE-2020-15988, CVE-2020-15989, CVE-2020-15990, CVE-2020-15991, CVE-2020-15992, CVE-2020-6557 CVE-2020-15683, MFSA-2020-45, MFSA-2020-46, MFSA-2020-47
Blocks:
	Show dependency tree

Reported:	2020-10-22 14:26 UTC by Sam James
Modified:	2020-10-28 00:37 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sam James archtester

2020-10-22 14:26:29 UTC

"A use-after-free bug in the usersctp library was reported upstream. We assume this could have led to memory corruption and a potentially exploitable crash."

(from Mozilla bug)