Lucene search

PRIOn knowledge basePRION:CVE-2023-6204

HistoryNov 21, 2023 - 3:15 p.m.

Out-of-bounds

2023-11-2115:15:00

PRIOn knowledge base

www.prio-n.com

out-of-bounds

graphics settings

memory leak

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

32.4%

JSON

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

CPENameOperatorVersion
debian_linuxeq10.0
debian_linuxeq11.0
debian_linuxeq12.0
firefoxlt120.0
firefox_esrlt115.5.0
thunderbirdlt115.5

Name	Operator	Version
debian_linux	eq	10.0
debian_linux	eq	11.0
debian_linux	eq	12.0
firefox	lt	120.0
firefox_esr	lt	115.5.0
thunderbird	lt	115.5

References

bugzilla.mozilla.org/show_bug.cgi?id=1841050

lists.debian.org/debian-lts-announce/2023/11/msg00017.html

lists.debian.org/debian-lts-announce/2023/11/msg00030.html

www.debian.org/security/2023/dsa-5561

www.mozilla.org/security/advisories/mfsa2023-49/

www.mozilla.org/security/advisories/mfsa2023-50/

www.mozilla.org/security/advisories/mfsa2023-52/