{"id":"MGASA-2021-0199","summary":"Updated firefox packages fix security vulnerabilities","details":"More internal network hosts could have been probed by a malicious webpage:\nFurther techniques that built on the slipstream research combined with a\nmalicious webpage could have exposed both an internal network's hosts as well\nas services running on the user's local machine (CVE-2021-23961).\n\nOut of bound write due to lazy initialization:\nA WebGL framebuffer was not initialized early enough, resulting in memory\ncorruption and an out of bound write (CVE-2021-23994).\n\nUse-after-free in Responsive Design Mode:\nWhen Responsive Design Mode was enabled, it used references to objects that\nwere previously freed. We presume that with enough effort this could have been\nexploited to run arbitrary code (CVE-2021-23995).\n\nSecure Lock icon could have been spoofed:\nThrough complicated navigations with new windows, an HTTP page could have\ninherited a secure lock icon from an HTTPS page (CVE-2021-23998).\n\nBlob URLs may have been granted additional privileges:\nIf a Blob URL was loaded through some unusual user interaction, it could have\nbeen loaded by the System Principal and granted additional privileges that\nshould not be granted to web content (CVE-2021-23999).\n\nArbitrary FTP command execution on FTP servers using an encoded URL:\nWhen a user clicked on an FTP URL containing encoded newline characters\n(%0A and %0D), the newlines would have been interpreted as such and allowed\narbitrary commands to be sent to the FTP server (CVE-2021-24002).\n\nIncorrect size computation in WebAssembly JIT could lead to null-reads:\nThe WebAssembly JIT could miscalculate the size of a return type, which could\nlead to a null read and result in a crash.\nNote: This issue only affected x86-32 platforms. Other platforms are unaffected.\n(CVE-2021-29945).\n\nPort blocking could be bypassed:\nPorts that were written as an integer overflow above the bounds of a 16-bit\ninteger could have bypassed port blocking restrictions when used in the\nAlt-Svc header (CVE-2021-29946).\n","modified":"2026-01-31T19:25:47.119567Z","published":"2021-04-29T09:41:35Z","related":["CVE-2021-23961","CVE-2021-23994","CVE-2021-23995","CVE-2021-23998","CVE-2021-23999","CVE-2021-24002","CVE-2021-29945","CVE-2021-29946"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0199.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28822"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/"},{"type":"REPORT","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.64_release_notes"},{"type":"REPORT","url":"https://access.redhat.com/errata/RHSA-2021:1360"}],"affected":[{"package":{"name":"firefox-l10n","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"78.10.0-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0199.json"}},{"package":{"name":"nss","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/nss?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.64.0-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0199.json"}},{"package":{"name":"firefox","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"78.10.0-1.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0199.json"}},{"package":{"name":"firefox-l10n","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"78.10.0-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0199.json"}},{"package":{"name":"nss","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/nss?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.64.0-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0199.json"}},{"package":{"name":"firefox","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"78.10.0-1.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0199.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}