Vulnerabilities (Page 5)

Google Chrome WebRTC addIceCandidate use after free vulnerability

A use-after-free in AddIceCandidate() for adding Interactive Connection Establishment candidates when starting a WebRTC session.The problem is, it’s possible to setup a Promise that can call setLocalDescription(), which will mark part of the local description memory for collection by the garbage collector…

 
3
4
5
6
7
8
9