CVE-2021-29952

Summary

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 88.0.1affected
MozillaFirefox for Androidunspecified < 88.1.3affected

Weaknesses

  • Race condition in Web Render Components

ADP Enrichment

CVE Program Container

Additional References

References