Security Advisory

CVE-2023-6857

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-19 13:38:37
Last updated 2025-02-13 17:26:34
Assigner mozilla
State PUBLISHED

Description

When resolving a symlink, a race may occur in which the buffer passed to `readlink` is smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linux, macOS). Windows is unaffected.* This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.
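
A defensive pattern for the condition described above, as an added example that is not Mozilla's code or patch. It assumes the buffer was sized from an earlier `lstat` call (the advisory does not say how the size was obtained), treats that size as a hint only, and retries whenever `readlink` fills the whole buffer. The function names and the temporary path are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Return the link target as a malloc'd, NUL-terminated string, or NULL.
 * size_hint (e.g. a possibly stale st_size, or 0) is never trusted. */
char *read_link_checked(const char *path, size_t size_hint)
{
    size_t cap = size_hint ? size_hint + 1 : 64;
    for (;;) {
        char *buf = malloc(cap);
        if (!buf) return NULL;
        ssize_t n = readlink(path, buf, cap);   /* does not NUL-terminate */
        if (n < 0) { free(buf); return NULL; }
        if ((size_t)n < cap) { buf[n] = '\0'; return buf; }
        free(buf);               /* n == cap: target may have been truncated */
        if (cap > ((size_t)1 << 20)) { errno = ENAMETOOLONG; return NULL; }
        cap *= 2;
    }
}

/* Constructed demo: the link is replaced after lstat(), so st_size is stale. */
int demo_stale_size(void)
{
    char dir[] = "/tmp/rlXXXXXX", link[64];
    const char *longer = "a/much/longer/target/than/before";
    struct stat st;
    int ok = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(link, sizeof link, "%s/l", dir);
    if (symlink("short", link) == 0 && lstat(link, &st) == 0) {
        unlink(link);                        /* stands in for the racing change */
        if (symlink(longer, link) == 0) {
            char *t = read_link_checked(link, (size_t)st.st_size);
            ok = t && strcmp(t, longer) == 0;
            free(t);
        }
    }
    unlink(link);
    rmdir(dir);
    return ok ? 0 : -1;
}

int main(void) { return demo_stale_size() == 0 ? 0 : 1; }
```

The retry condition is the key check: a return value equal to the buffer size cannot be distinguished from truncation, so it is handled as truncation.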