Mozilla Foundation Security Advisory 2016-19
Linux video memory DOS with Intel drivers
- Announced
- March 8, 2016
- Reporter
- Ucha Gobejishvili
- Impact
- Moderate
- Products
- Firefox, Thunderbird
- Fixed in
-
- Firefox 45
- Thunderbird 45
Description
Security researcher Ucha Gobejishvili reported a denial of service (DOS) attack when doing certain WebGL operations in a canvas requiring an unusually large amount buffer to be allocated from video memory. This resulted in memory resource exhaustion with some Intel video cards, requiring the computer to be rebooted to return functionality. This was resolved by putting in additional checks on the amount of memory to be allocated during graphics processing.
This issue was limited to a subset of Intel drivers on Linux. Other operating systems were not affected.
In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts.