The Mozilla Foundation has released Firefox 84.0.2 that includes a security fix for a Critical vulnerability CVE-2020-16044.
An attacker could exploit the vulnerability to take control of impacted systems.
As part of Mozilla Foundation Security Advisory 2021-01, Firefox 84.0.2 patched a Critical ‘Use-after-free write’ vulnerability CVE-2020-16044.
According to Mozilla, “a malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free.”
The vulnerability update also affects Firefox for Android 84.1.3, and Firefox ESR 78.6.1.