CVE-2023-6856

High

Published: 19 December 2023

Modified: 21 November 2024
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.1047 (93.4th percentile)
Risk Priority: 24 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-6856 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird, with Debian Linux also listed as affected. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 6.6% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.

Deeper analysis

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This vulnerability affects Firefox ESR versions prior to 115.6, Thunderbird versions prior to 115.6, and Firefox versions prior to 121, and carries a CVSS 3.1 score of 8.8 with the CWE-787 classification for out-of-bounds writes.

An attacker able to supply malicious WebGL content can trigger the overflow to achieve remote code execution and escape the browser sandbox on affected systems. Exploitation requires user interaction such as visiting a crafted page but needs no other privileges.

Debian, Gentoo, and Mozilla advisories direct users to apply the fixed releases listed in the referenced security announcements, including DSA-5581 and GLSA-202401-10, which address the issue through updated packages. The associated EPSS score reached a peak of 0.1237 with a current value of 0.1047.

Vulnerability details

The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

mozilla firefox: ≤ 121.0
mozilla firefox esr: ≤ 115.6
mozilla thunderbird: ≤ 115.6
debian debian linux: 10.0, 11.0, 12.0

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.
