CVE-2023-4046 – Mozilla: Incorrect value used during WASM compilation
https://notcve.org/view.php?id=CVE-2023-4046
In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
The Mozilla Foundation Security Advisory describes this flaw as: In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process.
References:
• https://bugzilla.mozilla.org/show_bug.cgi?id=1837686
• https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html
• https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html
• https://www.debian.org/security/2023/dsa-5464
• https://www.debian.org/security/2023/dsa-5469
• https://www.mozilla.org/security/advisories/mfsa2023-29
• https://www.mozilla.org/security/advisories/mfsa2023-30
• https://www.mozilla.org/security/advisories/mfsa2023-31
• https://access.redhat.com/security
CWE:
• CWE-20: Improper Input Validation
• CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2023-4045 – Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
https://notcve.org/view.php?id=CVE-2023-4045
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy.
References:
• https://bugzilla.mozilla.org/show_bug.cgi?id=1833876
• https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html
• https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html
• https://www.debian.org/security/2023/dsa-5464
• https://www.debian.org/security/2023/dsa-5469
• https://www.mozilla.org/security/advisories/mfsa2023-29
• https://www.mozilla.org/security/advisories/mfsa2023-30
• https://www.mozilla.org/security/advisories/mfsa2023-31
• https://access.redhat.com/security
CWE:
• CWE-346: Origin Validation Error
• CWE-829: Inclusion of Functionality from Untrusted Control Sphere
CVE-2023-37456
https://notcve.org/view.php?id=CVE-2023-37456
The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115.
References:
• https://bugzilla.mozilla.org/show_bug.cgi?id=1795496
• https://www.mozilla.org/security/advisories/mfsa2023-25
CWE:
• CWE-476: NULL Pointer Dereference
CVE-2023-37455
https://notcve.org/view.php?id=CVE-2023-37455
The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. This vulnerability affects Firefox for iOS < 115.
References:
• https://bugzilla.mozilla.org/show_bug.cgi?id=1786934
• https://www.mozilla.org/security/advisories/mfsa2023-25
CWE:
• CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CVE-2023-3600 – firefox: use-after-free in workers
https://notcve.org/view.php?id=CVE-2023-3600
During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.
The Mozilla Foundation Security Advisory describes this flaw as: During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash.
References:
• https://bugzilla.mozilla.org/show_bug.cgi?id=1839703
• https://www.mozilla.org/security/advisories/mfsa2023-26
• https://www.mozilla.org/security/advisories/mfsa2023-27
• https://access.redhat.com/security/cve/CVE-2023-3600
• https://bugzilla.redhat.com/show_bug.cgi?id=2222652
CWE:
• CWE-416: Use After Free