CVE-2021-43537Incorrect Type Conversion or Cast in Mozilla Firefox

CWE-704Incorrect Type Conversion or CastCWE-122Heap-based Buffer OverflowCWE-190Integer Overflow or WraparoundCWE-681Incorrect Conversion between Numeric TypesCWE-680Integer Overflow to Buffer OverflowCWE-120Classic Buffer Overflow21 documents9 sources
Severity
8.8HIGHNVD
OSV6.5
EPSS
0.6%
top 31.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Mozilla FirefoxMozilla Firefox ESRMozilla Thunderbird+1 more
Timeline
PublishedDec 8
Latest updateJan 21

Description

An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages9 packages

CVEListV5mozilla/firefoxunspecified95
NVDmozilla/firefox< 95.0
CVEListV5mozilla/firefox_esrunspecified91.4.0
NVDmozilla/firefox_esr< 91.4.0
Ubuntumozilla/firefox< 95.0.1+build2-0ubuntu0.18.04.1+3

Also affects: Debian Linux 10.0, 11.0, 9.0

🔴Vulnerability Details

6
OSV
thunderbird vulnerabilities2022-01-21
OSV
firefox regressions2021-12-20
GHSA
GHSA-hjx6-wrvc-5958: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash2021-12-09
OSV
firefox vulnerabilities2021-12-09
OSV
CVE-2021-43537: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash2021-12-08

📋Vendor Advisories

9
Ubuntu
Thunderbird vulnerabilities2022-01-21
Ubuntu
Thunderbird vulnerabilities2022-01-21
Ubuntu
Firefox regressions2021-12-20
Ubuntu
Firefox vulnerabilities2021-12-09
Red Hat
Mozilla: Heap buffer overflow when using structured clone2021-12-07

📐Framework References

5
CWE
Heap-based Buffer Overflow
CWE
Integer Overflow or Wraparound
CWE
Incorrect Type Conversion or Cast
CWE
Incorrect Conversion between Numeric Types
CWE
Integer Overflow to Buffer Overflow
CVE-2021-43537 — Incorrect Type Conversion or Cast | cvebase