Bug 1186196 - (CVE-2021-29952) VUL-0: CVE-2021-29952: MozillaFirefox: Mozilla: Race condition in Web Render Components
(CVE-2021-29952)
VUL-0: CVE-2021-29952: MozillaFirefox: Mozilla: Race condition in Web Render ...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P5 - None : Normal
: ---
Assigned To: Martin Sirringhaus
Security Team bot
https://smash.suse.de/issue/284544/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-05-18 11:44 UTC by Gianluca Gabrielli
Modified: 2021-05-18 11:48 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Gianluca Gabrielli 2021-05-18 11:44:56 UTC
CVE-2021-29952

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code.



External Reference:

https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/#CVE-2021-29952

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1961494
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-29952
Comment 1 Gianluca Gabrielli 2021-05-18 11:48:13 UTC
This only seems to affect Firefox >= 80 and < 88.0.1.

Maintained packages:

SUSE:SLE-11-SP1:Update/MozillaFirefox   78.10.0
SUSE:SLE-11-SP3:Update/MozillaFirefox   52.9.0esr
SUSE:SLE-12-SP2:Update/MozillaFirefox   78.10.0
SUSE:SLE-15-SP2:Update/MozillaFirefox   78.10.0
SUSE:SLE-15:Update/MozillaFirefox       78.10.0
openSUSE:Factory/MozillaFirefox         88.0.1

Closing since no package is affected.