Race Conditions in Font Initialization Leading to Memory Corruption and Code Execution

Race Conditions in Font Initialization Leading to Memory Corruption and Code Execution

CVE-2023-29537 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Learn more about our Cis Benchmark Audit For Google Android.