CVE-2020-15681: High severity firefox vulnerability

Q: What is CVE-2020-15681?

CVE-2020-15681 is a vulnerability that allows one WASM thread to overwrite another's entry in a shared stub table in Mozilla Firefox, potentially leading to a crash.

Q: What is the severity of CVE-2020-15681?

CVE-2020-15681 has a severity level of medium (4) in Mozilla Firefox.

Q: How does the CVE-2020-15681 vulnerability occur?

The CVE-2020-15681 vulnerability occurs when multiple WASM threads have a reference to a module and are looking up exported functions, causing one WASM thread to overwrite another's entry in a shared stub table.

Q: Which software is affected by CVE-2020-15681?

Mozilla Firefox version up to exclusive 82 is affected by CVE-2020-15681.

Q: How can I fix CVE-2020-15681?

To fix CVE-2020-15681, update your Mozilla Firefox to version 82 or later.

Published Oct 20, 2020

Updated

When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash.

Affected Software

2 affected componentsFixes available

Mozilla Firefox<82

Mozilla Firefox<82.0

Event History

Oct 20, 2020

CVE Published

12:00 AM

Oct 22, 2020

CVE Published

via MITRE·08:32 PM

Data Sourced

via MITRE·08:32 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

MFSA2020-45

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is CVE-2020-15681?

CVE-2020-15681 is a vulnerability that allows one WASM thread to overwrite another's entry in a shared stub table in Mozilla Firefox, potentially leading to a crash.

What is the severity of CVE-2020-15681?

CVE-2020-15681 has a severity level of medium (4) in Mozilla Firefox.

How does the CVE-2020-15681 vulnerability occur?