Home

CVE-2021-29981

Description

An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash. This vulnerability affects Firefox < 91 and Thunderbird < 91.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.445

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities fixed in Mozilla Firefox (91.0)Windows
Multiple vulnerabilities fixed in Mozilla Firefox (x64) (91.0)Windows
Vulnerability CVE-2021-29981,CVE-2021-29982,CVE-2021-29987 are affected in Mozilla Thunderbird 78.15Windows
Multiple Vulnerabilities are affected in Mozilla Thunderbird 78.9.1Windows
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (91.0)Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (91.0.1)Mac
Multiple vulnerabilities are fixed in Mozilla Firefox For Mac (91.0.2)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.4.0)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.5.0)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.5.1)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.6.0)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.6.1)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.6.2)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.7.0)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.8.0)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.8.1)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.9.0)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.9.1)Mac
Multiple vulnerabilities are fixed in Mozilla Thunderbird For Mac (91.10.0)Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 90.0Mac
Vulnerabilities CVE-2021-29981,CVE-2021-29982,CVE-2021-29987 are affected in Mozilla Thunderbird for Mac 78.15Mac
Mozilla Open Source web browser (USN-5037-1) firefox_91.0+build2-0ubuntu0.18.04.1_i386.debLinux
Mozilla Open Source web browser (USN-5037-1) firefox_91.0+build2-0ubuntu0.18.04.1_amd64.debLinux
Mozilla Open Source web browser (USN-5037-1) firefox_91.0+build2-0ubuntu0.20.04.1_amd64.debLinux
Mozilla Open Source web browser (USN-5037-1) firefox_91.0+build2-0ubuntu0.21.04.1_amd64.debLinux
Mozilla Open Source mail and newsgroup client (USN-5248-1) thunderbird_91.5.0+build1-0ubuntu0.18.04.1_i386.debLinux
Mozilla Open Source mail and newsgroup client (USN-5248-1) thunderbird_91.5.0+build1-0ubuntu0.18.04.1_amd64.debLinux
Mozilla Open Source mail and newsgroup client (USN-5248-1) thunderbird_91.5.0+build1-0ubuntu0.20.04.1_amd64.debLinux
SUSE-SU-2022:1582-1(SUSE Linux Enterprise Server 12-SP5 ) MozillaFirefox-91.9.0-112.104.1.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-320915Mozilla Firefox (91.0)
PATCH-320916Mozilla Firefox (x64) (91.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611353Mozilla Thunderbird For Mac (128.12.0)
PATCH-611870Mozilla Firefox For Mac (142.0.1)
PATCH-611807Mozilla Thunderbird For Mac (142.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234