> Honestly, as one of the devs involved with this security fix, I can tell > you that I don't know. It is a use-after-free in some situations. > Is it reachable from remote? I don't know. > Is it reachable from local? Maybe. > Is the use-after-free exploitable? Damn hard to tell, it is for sure not easy. > Was there a PoC exploit? No, there was no PoC. > I will not invest hours of my time to figure out something that does not > really interest me. The fix is out, everyone can update.
Thx, that was the answer I was hoping for! :) -- Jonathan