PT-2021-15637 · Mozilla+7 · Firefox+9

Abraruddin Khan

+1

·

Published

2021-03-23

·

Updated

2024-12-12

·

CVE-2021-23981

CVSS v3.1

8.1

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Firefox ESR versions prior to 78.9 Firefox versions prior to 87 Thunderbird versions prior to 78.9
Description: A texture upload of a Pixel Buffer Object could confuse the WebGL code, leading to memory corruption and potentially causing an information leak or crash.
Recommendations: For Firefox ESR versions prior to 78.9, update to version 78.9 or later. For Firefox versions prior to 87, update to version 87 or later. For Thunderbird versions prior to 78.9, update to version 78.9 or later.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2021-1543
ALT-PU-2021-1549
ALT-PU-2021-1562
ALT-PU-2021-1564
ALT-PU-2021-1804
ALT-PU-2021-1886
ALT-PU-2021-1892
ALT-PU-2021-2725
ALT-PU-2021-2881
ALT-PU-2021-3368
ALT-PU-2021-3369
ALT-PU-2022-1781
ALT-PU-2022-1782
CESA-2021_0990
CESA-2021_0992
CESA-2021_0993
CESA-2021_0996
CVE-2021-23981
DLA-2607-1
DLA-2609-1
DSA-4874-1
DSA-4876-1
MGASA-2021-0163
MGASA-2021-0164
OESA-2023-1673
OESA-2023-1674
OPENSUSE-SU-2021:0487-1
OPENSUSE-SU-2021:0580-1
OPENSUSE-SU-2021_0487-1
OPENSUSE-SU-2021_0580-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2021:0989
RHSA-2021:0990
RHSA-2021:0991
RHSA-2021:0992
RHSA-2021:0993
RHSA-2021:0994
RHSA-2021:0995
RHSA-2021:0996
RHSA-2021_0990
RHSA-2021_0992
RHSA-2021_0993
RHSA-2021_0996
SUSE-SU-2021:0966-1
SUSE-SU-2021:0999-1
SUSE-SU-2021:1007-1
SUSE-SU-2021:1167-1
SUSE-SU-2021:14684-1
SUSE-SU-2021_0966-1
SUSE-SU-2021_0999-1
SUSE-SU-2021_1007-1
SUSE-SU-2021_14684-1
USN-4893-1
USN-4995-1
USN-4995-2

Affected Products

Alt Linux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Suse
Thunderbird
Ubuntu