Mozilla and Google have released stable updates for Firefox and Chrome to address high-severity vulnerabilities, including memory corruption issues. Mozilla’s Firefox 117 includes patches for 13 vulnerabilities, with seven rated as high severity. Four of these are memory corruption bugs that could lead to potentially exploitable crashes. One of the high-severity vulnerabilities is an integer overflow issue that could result in a heap buffer overflow potentially leaking sensitive data, leading to a sandbox escape. Additionally, Firefox ESR versions have also been updated with patches. Google’s Chrome update addresses a use-after-free flaw in the MediaStream component that could potentially allow for remote code execution. Both companies have not mentioned any active exploitation of these vulnerabilities.

Read more: https://www.securityweek.com/high-severity-memory-corruption-vulnerabilities-patched-in-firefox-chrome/