CVE-2023-6856 — Out-of-bounds Write in Mozilla Firefox

CWE-787 — Out-of-bounds Write CWE-122 — Heap-based Buffer Overflow15 documents10 sources

Severity

8.8HIGHNVD

EPSS

11.0%

top 6.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird +1 more

Timeline

PublishedDec 19

Latest updateJan 2

Description

The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages7 packages

▶CVEListV5mozilla/firefoxunspecified — 121

▶NVDmozilla/firefox< 121.0

▶CVEListV5mozilla/firefox_esrunspecified — 115.6

▶NVDmozilla/firefox_esr< 115.6

▶CVEListV5mozilla/thunderbirdunspecified — 115.6

Also affects: Debian Linux 10.0, 11.0, 12.0

🔴Vulnerability Details

OSV

firefox vulnerabilities↗2024-01-02

▶

GHSA

GHSA-9846-hqmr-2486: The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver↗2023-12-19

▶

CVEList

CVE-2023-6856: The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver↗2023-12-19

▶

OSV

CVE-2023-6856: The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver↗2023-12-19

▶

📋Vendor Advisories

Ubuntu

Firefox vulnerabilities↗2024-01-02

▶

Ubuntu

Thunderbird vulnerabilities↗2024-01-02

▶

Red Hat

Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver↗2023-12-19

▶

Microsoft

▶

Debian

CVE-2023-6856: firefox - The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overfl...↗2023

▶