Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox < 77.
El desarrollador de Mozilla, Nicolas Silva, detectó que cuando usaba WebRender, Firefox, bajo determinadas condiciones, filtra memoria arbitraria de la GPU hacia la pantalla visible. El contenido de la memoria filtrada era visible para el usuario, pero no era observable desde el contenido web. Esta vulnerabilidad afecta a Firefox versiones anteriores a 77
Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the addressbar, or execute arbitrary code. It was discovered that NSS showed timing differences when performing DSA signatures. An attacker could potentially exploit this to obtain private keys using a timing attack. Various other issues were also addressed.
