Endpoint Vulnerability

Use-after-free in DTLS during WebRTC session shutdown

Description

Security researcher Looben Yang reported a use-after-free vulnerability in WebRTC. This occurs during WebRTC session shutdown when DTLS objects in memory are freed while still actively in use. This results in a potentially exploitable crash.

Affected Products

Firefox

References

CVE-2016-5258,