Description
Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allow attackers to cause a denial of service (memory corruption) via a negative value of a size parameter.
References (3)
Core 3
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1145389
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/76253
Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2015/mfsa2015-77.html
Scores
EPSS
0.0041
EPSS Percentile
61.3%
Details
CWE
CWE-189
Status
published
Products (1)
mozilla/firefox_os
< 2.1.0
Published
Aug 08, 2015
Tracked Since
Feb 18, 2026