CVE-2021-43529 — Out-of-bounds Write in Mozilla Thunderbird

CWE-787 — Out-of-bounds Write CWE-120 — Classic Buffer Overflow7 documents7 sources

Severity

9.8CRITICALNVD

EPSS

0.3%

top 43.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Thunderbird Debian Thunderbird Mozilla Firefox

Timeline

PublishedFeb 16

Latest updateFeb 17

Description

Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/thunderbird< thunderbird 1:91.3.0-1 (bookworm)

▶NVDmozilla/thunderbird< 91.3.0

▶Debianmozilla/thunderbird< 1:91.4.1-1~deb11u1+3

▶mozillamozilla/firefox

🔴Vulnerability Details

GHSA

GHSA-82q7-2fg2-4gcj: Thunderbird versions prior to 91↗2023-02-17

▶

OSV

CVE-2021-43529: Thunderbird versions prior to 91↗2023-02-16

▶

📋Vendor Advisories

Red Hat

thunderbird: Memory corruption when processing S/MIME messages↗2021-12-01

▶

Debian

CVE-2021-43529: thunderbird - Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow describ...↗2021

▶

Mozilla

Mozilla Foundation Security Advisory 2021-50: CVE-2021-43529↗

▶

💬Community

Bugzilla

Automatic S/MIME cert import should use additional verification using mozilla::pkix↗2021-10-29

▶