CVE-2021-29986

Summary

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

Affected Software

VendorProductVersion RangeStatus
MozillaThunderbirdunspecified < 78.13affected
MozillaThunderbirdunspecified < 91affected
MozillaFirefox ESRunspecified < 78.13affected
MozillaFirefoxunspecified < 91affected

Weaknesses

  • Race condition when resolving DNS names could have led to memory corruption

ADP Enrichment

CVE Program Container

Additional References

References