Bug 1186196 (CVE-2021-29952)

Summary: VUL-0: CVE-2021-29952: MozillaFirefox: Mozilla: Race condition in Web Render Components
Product: [Novell Products] SUSE Security Incidents Reporter: Gianluca Gabrielli <gianluca.gabrielli>
Component: IncidentsAssignee: Martin Sirringhaus <martin.sirringhaus>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/284544/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Gianluca Gabrielli 2021-05-18 11:44:56 UTC
CVE-2021-29952

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code.



External Reference:

https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/#CVE-2021-29952

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1961494
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-29952
Comment 1 Gianluca Gabrielli 2021-05-18 11:48:13 UTC
This only seems to affect Firefox >= 80 and < 88.0.1.

Maintained packages:

SUSE:SLE-11-SP1:Update/MozillaFirefox   78.10.0
SUSE:SLE-11-SP3:Update/MozillaFirefox   52.9.0esr
SUSE:SLE-12-SP2:Update/MozillaFirefox   78.10.0
SUSE:SLE-15-SP2:Update/MozillaFirefox   78.10.0
SUSE:SLE-15:Update/MozillaFirefox       78.10.0
openSUSE:Factory/MozillaFirefox         88.0.1

Closing since no package is affected.