CVE-2021-4128

Summary

When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.<br>This bug only affects Firefox on MacOS. Other operating systems are unaffected.. This vulnerability affects Firefox < 95.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 95affected

Weaknesses

  • Use-after-free in fullscreen objects on MacOS

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References