{"containers": {"cna": {"affected": [{"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "78.9", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "87", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "78.9", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9."}], "problemTypes": [{"descriptions": [{"description": "Texture upload into an unbound backing buffer resulted in an out-of-bound read", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-24T13:28:55", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-10/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-12/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-11/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1692832"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2021-23981", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "78.9"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "87"}]}}, {"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "78.9"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Texture upload into an unbound backing buffer resulted in an out-of-bound read"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2021-10/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-10/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2021-12/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-12/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2021-11/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2021-11/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1692832", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1692832"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T19:14:09.984Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-10/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-12/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-11/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1692832"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2021-23981", "datePublished": "2021-03-31T13:42:17", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:14:09.984Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "3533FF74-0FD6-447B-9C37-D491D18EA529", "versionEndExcluding": "87.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "907D294D-2667-4A67-A4B7-2DDE46BE592D", "versionEndExcluding": "78.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB6DE7E3-8F1B-4525-8992-FCDC7CC063D3", "versionEndExcluding": "78.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9."}, {"lang": "es", "value": "Una carga de textura de un Objeto de B\u00fafer de P\u00edxeles podr\u00eda haber confundido el c\u00f3digo WebGL para omitir el enlace del b\u00fafer usado para descomprimirlo, resultando en la corrupci\u00f3n de la memoria y una filtraci\u00f3n o bloqueo de informaci\u00f3n potencialmente explotable. Esta vulnerabilidad afecta a Firefox ESR versi\u00f3n 78.9, Firefox versiones anteriores a 87, and Thunderbird versiones anteriores a 78.9."}], "id": "CVE-2021-23981", "lastModified": "2024-11-21T05:52:08.893", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-03-31T14:15:18.907", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1692832"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-10/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-11/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-12/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1692832"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-10/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-11/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-12/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Abraruddin Khan and Omair as the original reporter.", "affected_release": [{"advisory": "RHSA-2021:0992", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:78.9.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-03-25T00:00:00Z"}, {"advisory": "RHSA-2021:0996", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:78.9.0-3.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-03-25T00:00:00Z"}, {"advisory": "RHSA-2021:0990", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:78.9.0-1.el8_3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-03-25T00:00:00Z"}, {"advisory": "RHSA-2021:0993", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:78.9.0-3.el8_3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-03-25T00:00:00Z"}, {"advisory": "RHSA-2021:0991", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "firefox-0:78.9.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-03-25T00:00:00Z"}, {"advisory": "RHSA-2021:0995", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "thunderbird-0:78.9.0-3.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-03-25T00:00:00Z"}, {"advisory": "RHSA-2021:0989", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "firefox-0:78.9.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-03-25T00:00:00Z"}, {"advisory": "RHSA-2021:0994", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "thunderbird-0:78.9.0-3.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-03-25T00:00:00Z"}], "bugzilla": {"description": "Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read", "id": "1942783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942783"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-125", "details": ["A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.", "The Mozilla Foundation Security Advisory describes this issue as:\nA texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash."], "name": "CVE-2021-23981", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2021-03-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-23981\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-23981\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2021-11/#CVE-2021-23981"], "threat_severity": "Important"}