Mozilla Foundation Security Advisory 2016-03

Buffer overflow in WebGL after out of memory allocation

Announced
January 26, 2016
Reporter
Aki Helin
Impact
Critical
Products
Firefox, Firefox ESR, Thunderbird
Fixed in
  • Firefox 44
  • Firefox ESR 38.6
  • Thunderbird 38.6

Description

Security researcher Aki Helin used the Address Sanitizer tool to find a buffer overflow write when rendering some WebGL content. This leads to a potentially exploitable crash.

In general this flaw cannot be exploited through email in the Thunderbird product, but is potentially a risk in browser or browser-like contexts.

References