CVE-2021-29952 - OpenCVE

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:H/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Mozilla	Firefox

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox::::::-::*
	cpe:2.3:a:mozilla:firefox::::::android::*

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1704227	Permissions Required Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2021-20/	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2021-06-24T13:18:33

Updated: 2021-06-24T13:18:33

Reserved: 2021-04-01T00:00:00

Link: CVE-2021-29952

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-06-24T14:15:09.973

Modified: 2021-06-25T20:19:25.257

Link: CVE-2021-29952

JSON object: View

Redhat Information

No data.

CWE

CWE-362

{"containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "88.0.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox for Android", "vendor": "Mozilla", "versions": [{"lessThan": "88.1.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3."}], "problemTypes": [{"descriptions": [{"description": "Race condition in Web Render Components", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-24T13:18:33", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-20/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1704227"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-29952", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "88.0.1"}]}}, {"product_name": "Firefox for Android", "version": {"version_data": [{"version_affected": "<", "version_value": "88.1.3"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Race condition in Web Render Components"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2021-20/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-20/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1704227", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1704227"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-29952", "datePublished": "2021-06-24T13:18:33", "dateReserved": "2021-04-01T00:00:00", "dateUpdated": "2021-06-24T13:18:33", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:-:*:*", "matchCriteriaId": "9DA518B8-6A0A-4AD2-A4C9-6FF6AEA7B56F", "versionEndExcluding": "88.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*", "matchCriteriaId": "1399E175-84F3-424E-8B02-FAF944DA1D84", "versionEndExcluding": "88.1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3."}, {"lang": "es", "value": "Cuando se destru\u00edan los componentes de Web Render, una condici\u00f3n de carrera podr\u00eda haber causado un comportamiento indefinido, y presumimos que con suficiente esfuerzo podr\u00eda haber sido explotable para ejecutar c\u00f3digo arbitrario. Esta vulnerabilidad afecta a Firefox versiones anteriores a 88.0.1 y a Firefox para Android versiones anteriores a 88.1.3"}], "id": "CVE-2021-29952", "lastModified": "2021-06-25T20:19:25.257", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-24T14:15:09.973", "references": [{"source": "security@mozilla.org", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1704227"}, {"source": "security@mozilla.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-20/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}