Endpoint Vulnerability

Use-after-free in WebRTC when datachannel is used after being destroyed

Description

Security researcher Looben Yang reported a use-after-free error in WebRTC that occurs due to timing issues in WebRTC when closing channels. WebRTC may still believe is has a datachannel open after another WebRTC function has closed it. This results in attempts to use the now destroyed datachannel, leading to a potentially exploitable crash.

Affected Products

Firefox,Firefox ESR

References

CVE-2015-7210,