CVE-2023-25747: A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. *This bug only...

0.0 CVSS

Description

A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30.
*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 110.1.0.

Classification

CVE ID: CVE-2023-25747

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Mozilla

Product: Firefox for Android

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.14% (probability of being exploited)

EPSS Percentile: 51.11% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1815801
https://www.mozilla.org/security/advisories/mfsa2023-08/

Timeline

2024-12-12 00:30:32 UTC
CVE

A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. *This bug only...