Description
When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read.
Solution(s)
mozilla-firefox-esr-upgrade-91_8
Referenceshttps://attackerkb.com/topics/cve-2022-28285 CVE - 2022-28285 http://www.mozilla.org/security/announce/2022/mfsa2022-14.html