CVE-2025-12380

Sažetak

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox < 144.0.2.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1993113
https://www.mozilla.org/security/advisories/mfsa2025-86/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

28-10-2025 - 14:15

Objavljeno

28-10-2025 - 14:15