PT-2021-3795 · Mozilla+8 · Firefox Esr+10

Lukas Bernhard

·

Published

2021-08-10

·

Updated

2024-12-12

·

CVE-2021-29984

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Thunderbird versions prior to 91 Thunderbird versions prior to 78.13 Firefox ESR versions prior to 78.13 Firefox versions prior to 91
Description The issue is related to instruction reordering, which causes memory corruption and a potentially exploitable crash due to incorrect object consideration during garbage collection. It may also be related to a boundary error during JIT-optimization, potentially allowing a remote attacker to execute arbitrary code in the target system and cause memory damage.
Recommendations For Thunderbird versions prior to 91, update to version 91 or later. For Thunderbird versions prior to 78.13, update to version 78.13 or later. For Firefox ESR versions prior to 78.13, update to version 78.13 or later. For Firefox versions prior to 91, update to version 91 or later.

Exploit

Fix

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALT-PU-2021-2479
ALT-PU-2021-2481
ALT-PU-2021-2488
ALT-PU-2021-2491
ALT-PU-2021-2501
ALT-PU-2021-2504
ALT-PU-2021-2527
ALT-PU-2021-2607
ALT-PU-2021-2624
ALT-PU-2021-2636
ALT-PU-2021-2718
ALT-PU-2021-2725
ALT-PU-2021-2849
ALT-PU-2021-2881
ALT-PU-2021-3368
ALT-PU-2021-3369
ALT-PU-2022-1781
ALT-PU-2022-1782
BDU:2021-04070
CESA-2021_3154
CESA-2021_3155
CESA-2021_3157
CESA-2021_3160
CVE-2021-29984
DLA-2740-1
DLA-2745-1
DSA-4956-1
DSA-4959-1
MGASA-2021-0403
MGASA-2021-0407
OESA-2023-1673
OESA-2023-1674
OESA-2024-1893
OPENSUSE-SU-2021:1184-1
OPENSUSE-SU-2021:1367-1
OPENSUSE-SU-2021:2774-1
OPENSUSE-SU-2021:2874-1
OPENSUSE-SU-2021:3331-1
OPENSUSE-SU-2021:3451-1
OPENSUSE-SU-2021_1184-1
OPENSUSE-SU-2021_1367-1
OPENSUSE-SU-2021_2774-1
OPENSUSE-SU-2021_2874-1
OPENSUSE-SU-2021_3331-1
OPENSUSE-SU-2021_3451-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:11059-1
OPENSUSE-SU-2024:14572-1
RHSA-2021:3154
RHSA-2021:3155
RHSA-2021:3156
RHSA-2021:3157
RHSA-2021:3159
RHSA-2021:3160
RHSA-2021:3161
RHSA-2021:3162
RHSA-2021_3154
RHSA-2021_3155
RHSA-2021_3157
RHSA-2021_3160
RLSA-2021:3155
RLSA-2021:3157
SUSE-SU-2021:14782-1
SUSE-SU-2021:14821-1
SUSE-SU-2021:14826-1
SUSE-SU-2021:2691-1
SUSE-SU-2021:2694-1
SUSE-SU-2021:2774-1
SUSE-SU-2021:2874-1
SUSE-SU-2021:3191-1
SUSE-SU-2021:3331-1
SUSE-SU-2021:3451-1
SUSE-SU-2021_14782-1
SUSE-SU-2021_14821-1
SUSE-SU-2021_14826-1
SUSE-SU-2022:1577-1
SUSE-SU-2022:1582-1
SUSE-SU-2022_1577-1
SUSE-SU-2022_1582-1
USN-5037-1
USN-5037-2
USN-5058-1

Affected Products

Alt Linux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Rocky Linux
Suse
Thunderbird
Ubuntu