Mozilla has released security updates to fix 20 vulnerabilities, including a number of memory safety problems, for Thunderbird and Firefox. Patches for 18 vulnerabilities—five of which have a “high” severity rating—were included in Firefox 121.
CVE-2023-6856, a heap buffer overflow bug in WebGL, the JavaScript API used to render interactive graphics in browsers, is the most prominent bug on the list.
“On systems running the Mesa VM driver, the WebGL DrawElementsInstanced method was vulnerable to a heap buffer overflow.” According to Mozilla’s advisory, “This vulnerability could enable remote code execution and sandbox escape for an attacker.”
Read More: Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.