CVE-2024-6600

Summary

Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 128affected
MozillaFirefox ESRunspecified < 115.13affected
MozillaThunderbirdunspecified < 115.13affected
MozillaThunderbirdunspecified < 128affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References