When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2023-12-19T13:38:37.621Z

Updated: 2024-08-02T08:42:07.598Z

Reserved: 2023-12-15T17:42:55.146Z

Link: CVE-2023-6857

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-19T14:15:07.377

Modified: 2024-11-21T08:44:41.833

Link: CVE-2023-6857

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-12-19T00:00:00Z

Links: CVE-2023-6857 - Bugzilla