CVE-2023-4582

Summary

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. This bug only affects Firefox on macOS. Other operating systems are unaffected. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 117affected
MozillaFirefox ESRunspecified < 115.2affected
MozillaThunderbirdunspecified < 115.2affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References