Vulnerabilities (Page 45)

Google Chrome WebRTC addIceCandidate use after free vulnerability

A use-after-free in AddIceCandidate() for adding Interactive Connection Establishment candidates when starting a WebRTC session.The problem is, it’s possible to setup a Promise that can call setLocalDescription(), which will mark part of the local description memory for collection by the garbage collector…