Vulnerability CVE-2023-6856: Information

Description

The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-6856

Published: Dec. 19, 2023

Modified: Feb. 2, 2024

Error type identifier: CWE-787

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
firefox	sisyphus	121.0-alt1	126.0.1-alt1	ALT-PU-2023-8231-1	336902	Fixed
firefox	sisyphus_riscv64	121.0-alt0.port	126.0-alt0.port	ALT-PU-2023-8323-1	-	Fixed
firefox	sisyphus_loongarch64	121.0-alt1.0.port	126.0-alt1.0.port	ALT-PU-2024-1013-1	-	Fixed
firefox	p11	121.0-alt1	126.0.1-alt1	ALT-PU-2023-8231-1	336902	Fixed
firefox-esr	sisyphus	115.6.0-alt1	115.11.0-alt1	ALT-PU-2023-8216-2	336858	Fixed
firefox-esr	sisyphus_loongarch64	115.6.0-alt1	115.11.0-alt1	ALT-PU-2023-8248-1	-	Fixed
firefox-esr	p10	115.6.0-alt1	115.11.0-alt1	ALT-PU-2023-8227-2	336859	Fixed
firefox-esr	c10f1	115.8.0-alt0.c10.1	115.9.1-alt0.c10.1	ALT-PU-2024-3614-2	340631	Fixed
firefox-esr	p11	115.6.0-alt1	115.11.0-alt1	ALT-PU-2023-8216-2	336858	Fixed
thunderbird	sisyphus	115.6.0-alt1	115.9.0-alt1	ALT-PU-2023-8368-2	337340	Fixed
thunderbird	sisyphus_loongarch64	115.6.0-alt1	115.9.0-alt1	ALT-PU-2023-8387-1	-	Fixed
thunderbird	p10	115.8.1-alt1	115.9.0-alt1	ALT-PU-2024-3860-2	342581	Fixed
thunderbird	c10f1	115.8.1-alt0.c10.1	115.9.0-alt0.c10.1	ALT-PU-2024-4748-2	343092	Fixed
thunderbird	p11	115.6.0-alt1	115.9.0-alt1	ALT-PU-2023-8368-2	337340	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1843782	Issue Tracking Permissions Required
https://www.mozilla.org/security/advisories/mfsa2023-54/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2023-55/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2023-56/	Vendor Advisory
https://www.debian.org/security/2023/dsa-5581	Third Party Advisory
https://www.debian.org/security/2023/dsa-5582	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202401-10	Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
  End excliding
  115.6
  cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
  End excliding
  121.0
  cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
  End excliding
  115.6
  
  Configuration 2
  cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
  cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

Version: v24.5.3

Vulnerability CVE-2023-6856: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2