CVE-2023-4582
11.09.2023, 09:15
Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 117.0 |
| mozilla | firefox_esr | 𝑥 < 115.2 |
| mozilla | thunderbird | 𝑥 < 115.2 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| mozilla | firefox | 𝑥 < 117 | ADP |
| mozilla | firefox_esr | 𝑥 < 115.2 | ADP |
| mozilla | thunderbird | 𝑥 < 115.2 | ADP |
Debian Releases
Debian Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||
| firefox-esr |
| ||||||||||||
| thunderbird |
|
Ubuntu Releases
Ubuntu Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||
| mozjs102 |
| ||||||||||||
| mozjs38 |
| ||||||||||||
| mozjs52 |
| ||||||||||||
| mozjs68 |
| ||||||||||||
| mozjs78 |
| ||||||||||||
| mozjs91 |
| ||||||||||||
| thunderbird |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| MozillaFirefox |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaFirefox-devel |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaFirefox-translations-common |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaFirefox-translations-other |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaThunderbird |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaThunderbird-translations-common |
| ||||||||||||||||||||||||||||||||||||||||
| MozillaThunderbird-translations-other |
| ||||||||||||||||||||||||||||||||||||||||
| libmozjs-115-0 |
| ||||||||||||||||||||||||||||||||||||||||
| mozjs115-devel |
|
References