Memory Management Flaw in Mozilla Products
CVE-2023-29536

8.8HIGH

Key Information:

Vendor

Mozilla
Status
Firefox
Focus for Android
Firefox ESR
Firefox for Android
Vendor
CVE Published:
2 June 2023

What is CVE-2023-29536?

A critical flaw in Mozilla's memory management mechanism allows an attacker to control specific memory areas, leading to potential crashes or memory corruption. This vulnerability affects various versions of Firefox, Thunderbird, and Focus for Android, enabling an attacker to manipulate the memory manager in a way that could result in instability or exploitation upon triggering the flaw.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Firefox < 112

Firefox ESR < 102.10

Firefox for Android < 112

References

https://www.mozilla.org/security/advisories/mfsa2023-15/
https://www.mozilla.org/security/advisories/mfsa2023-14/
https://www.mozilla.org/security/advisories/mfsa2023-13/

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.