Published: 26 April 2019
A use-after-free vulnerability can occur while playing a sound notification in Thunderbird. The memory storing the sound data is immediately freed, although the sound is still being played asynchronously, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5.
CVSS 3 base score: 9.8
Launchpad, Ubuntu, Debian
|Ubuntu 18.04 LTS (Bionic Beaver)||
|Ubuntu 16.04 ESM (Xenial Xerus)||
|Ubuntu 14.04 ESM (Trusty Tahr)||
Does not exist