CVE-2021-23975 Information

Description

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function instead of using the API method that checks for invalid pointers. This vulnerability affects Firefox < 86.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1685145
https://www.mozilla.org/security/advisories/mfsa2021-07/
https://security.gentoo.org/glsa/202104-10

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

6.5

Base Severity

MEDIUM
