Mozilla Foundation Security Advisory 2016-65
Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
- Announced
- August 2, 2016
- Reporter
- Bert Massop
- Impact
- Moderate
- Products
- Firefox, Firefox ESR
- Fixed in
-
- Firefox 48
- Firefox ESR 45.3
Description
Security researcher Bert Massop reported a crash in the Cairo graphics layer on Linux systems using the LibAV library included in version 0.10 of the FFmpeg library. This was due to an error when allocating the LibAV header when decoding some videos.
This only affects systems running the Linux operating system that also have FFMpeg version 0.10 installed and does not affect OS X or Windows systems.