CVE: CVE-2024-11691

Descrizione: Certain WebGL operations on Apple silicon M series devices could have led to an out-of-bounds write and memory corruption due to a flaw in Apple’s GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, Thunderbird < 128.5, and Thunderbird < 115.18.

Vettore di attacco

Riferimenti esterni

• https://bugzilla.mozilla.org/show_bug.cgi?id=1914707
• https://bugzilla.mozilla.org/show_bug.cgi?id=1924184
• https://www.mozilla.org/security/advisories/mfsa2024-63/
• https://www.mozilla.org/security/advisories/mfsa2024-64/
• https://www.mozilla.org/security/advisories/mfsa2024-65/
• https://www.mozilla.org/security/advisories/mfsa2024-67/
• https://www.mozilla.org/security/advisories/mfsa2024-68/
• https://www.mozilla.org/security/advisories/mfsa2024-70/

Prodotti interessati

• Mozilla – Firefox
• Mozilla – Firefox ESR
• Mozilla – Firefox ESR
• Mozilla – Thunderbird
• Mozilla – Thunderbird
• Mozilla – Thunderbird

Relazioni con altri prodotti

Produttore:Mozilla
Prodotto: Firefox
Anno: 2024
CWE:
CVSS: 0.0

Produttore:Mozilla
Prodotto: Thunderbird
Anno: 2024
CWE:
CVSS: 0.0

Produttore:Mozilla
Prodotto: Firefox ESR
Anno: 2024
CWE:
CVSS: 0.0

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2024)