Bug 1015531 (CVE-2016-9897)

Summary:	VUL-0: CVE-2016-9897: MozillaFirefox: Memory corruption in libGLES
Product:	[Novell Products] SUSE Security Incidents	Reporter:	Marcus Meissner <meissner>
Component:	Incidents	Assignee:	Petr Cerny <pcerny>
Status:	RESOLVED FIXED	QA Contact:	Security Team bot <security-team>
Severity:	Major
Priority:	P3 - Medium
Version:	unspecified
Target Milestone:	---
Hardware:	Other
OS:	Other
Whiteboard:	CVSSv2:SUSE:CVE-2016-9894:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9905:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2016-9900:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2016-9897:5.1:(AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2016-9898:5.1:(AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2016-9902:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2016-9899:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9899:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9897:5.1:(AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9893:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9900:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:SUSE:CVE-2016-9903:0.0:(AV:N/AC:H/Au:M/C:N/I:N/A:N) CVSSv2:SUSE:CVE-2016-9901:5.1:(AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9896:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2016-9905:5.1:(AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2016-9893:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9898:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9080:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9895:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:SUSE:CVE-2016-9902:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:RedHat:CVE-2016-9895:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:SUSE:CVE-2016-9904:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2016-9901:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv2:RedHat:CVE-2016-9904:4.3:(AV:N/AC:M/Au:N/C:P/I:N/A:N) CVSSv3:RedHat:CVE-2016-9898:5.6:(AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) CVSSv3:RedHat:CVE-2016-9902:5.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) CVSSv3:RedHat:CVE-2016-9900:5.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) CVSSv3:RedHat:CVE-2016-9893:7.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) CVSSv3:RedHat:CVE-2016-9905:5.6:(AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) CVSSv3:RedHat:CVE-2016-9899:7.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) CVSSv3:RedHat:CVE-2016-9904:5.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) CVSSv3:RedHat:CVE-2016-9901:5.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) CVSSv3:RedHat:CVE-2016-9895:6.1:(AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) CVSSv3:RedHat:CVE-2016-9897:5.6:(AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) CVSSv2:NVD:CVE-2016-9080:7.5:(AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSSv2:NVD:CVE-2016-9893:7.5:(AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSSv2:NVD:CVE-2016-9894:5.0:(AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSSv2:NVD:CVE-2016-9895:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:NVD:CVE-2016-9896:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv2:NVD:CVE-2016-9897:5.0:(AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSSv2:NVD:CVE-2016-9898:7.5:(AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSSv2:NVD:CVE-2016-9899:7.5:(AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSSv2:NVD:CVE-2016-9900:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2016-9901:7.5:(AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSSv2:NVD:CVE-2016-9902:5.0:(AV:N/AC:L/Au:N/C:N/I:P/A:N) CVSSv2:NVD:CVE-2016-9903:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSSv2:NVD:CVE-2016-9904:5.0:(AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSSv2:NVD:CVE-2016-9905:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSSv3:NVD:CVE-2016-9080:9.8:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv3:NVD:CVE-2016-9893:9.8:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv3:NVD:CVE-2016-9894:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSSv3:NVD:CVE-2016-9895:6.1:(AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) CVSSv3:NVD:CVE-2016-9896:8.1:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv3:NVD:CVE-2016-9897:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSSv3:NVD:CVE-2016-9898:9.8:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv3:NVD:CVE-2016-9899:9.8:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv3:NVD:CVE-2016-9900:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) CVSSv3:NVD:CVE-2016-9901:9.8:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv3:NVD:CVE-2016-9902:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) CVSSv3:NVD:CVE-2016-9903:6.1:(AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) CVSSv3:NVD:CVE-2016-9904:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) CVSSv3:NVD:CVE-2016-9905:8.8:(AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Found By:	---	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---
Bug Depends on:
Bug Blocks:	1015422

Description Marcus Meissner 2016-12-14 13:25:25 UTC

Security vulnerabilities fixed in Firefox 50.1
https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/

Discovered by: Aral
Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES.

https://bugzilla.mozilla.org/show_bug.cgi?id=1301381

Comment 1 Swamp Workflow Management 2016-12-14 23:01:22 UTC

bugbot adjusting priority

Comment 2 Petr Cerny 2017-08-10 14:53:58 UTC

Released.