Optimization Flaw in Firefox and Thunderbird by Mozilla
CVE-2023-29548
6.5MEDIUM
Key Information:
- Vendor
Mozilla
- Vendor
- CVE Published:
- 2 June 2023
What is CVE-2023-29548?
This vulnerability stems from an incorrect lowering instruction within the ARM64 Ion compiler used in Mozilla's Firefox and Thunderbird products. The issue leads to faulty optimization results, which could potentially allow an attacker to exploit the affected applications. Users of Firefox versions below 112, Thunderbird versions below 102.10, and their mobile counterparts should take urgent measures to update their software to the latest versions to mitigate risk.
Affected Version(s)
Firefox < 112
Firefox ESR < 102.10
Firefox for Android < 112