A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1692832 | Issue Tracking |
https://www.mozilla.org/security/advisories/mfsa2021-10/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2021-11/ | Vendor Advisory |
https://www.mozilla.org/security/advisories/mfsa2021-12/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2021-03-31T13:42:17
Updated: 2021-06-24T13:28:55
Reserved: 2021-01-13T00:00:00
Link: CVE-2021-23981
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-31T14:15:18.907
Modified: 2022-05-03T16:04:40.443
Link: CVE-2021-23981
JSON object: View
Redhat Information
No data.
CWE