When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary.
*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2023-12-19T13:38:37.621Z
Updated: 2024-08-02T08:42:07.598Z
Reserved: 2023-12-15T17:42:55.146Z
Link: CVE-2023-6857
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-19T14:15:07.377
Modified: 2024-11-21T08:44:41.833
Link: CVE-2023-6857
Redhat