CVE-2025-1930 — Use After Free in Mozilla Firefox

CWE-416 — Use After Free CWE-131 — Incorrect Calculation of Buffer Size CWE-400 — Uncontrolled Resource Consumption14 documents9 sources

Severity

8.8HIGHNVD

EPSS

0.3%

top 43.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Thunderbird

Timeline

PublishedMar 4

Latest updateJul 22

Description

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶NVDmozilla/firefox116.0 — 128.8.0+2

▶NVDmozilla/thunderbird< 128.8+1

▶Ubuntumozilla/thunderbird< 1:128.12.0+build1-0ubuntu0.22.04.1

🔴Vulnerability Details

OSV

CVE-2025-1930: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process↗2025-03-04

▶

GHSA

GHSA-5289-2q6r-6q3g: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process↗2025-03-04

▶

CVEList

AudioIPC StreamData could trigger a use-after-free in the Browser process↗2025-03-04

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2025-07-22

▶

Red Hat

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process↗2025-03-04

▶

Debian

CVE-2025-1930: firefox - On Windows, a compromised content process could use bad StreamData sent over Aud...↗2025

▶

Microsoft

No Limit on Number of Open Sessions / Bad Session Close Behaviour↗2024-05-14

▶

Mozilla

Mozilla Foundation Security Advisory 2025-15: CVE-2025-1930↗

▶