![repair mozilla thunderbird repair mozilla thunderbird](https://3.bp.blogspot.com/-VRd4m5FFzaA/UIk19Bpjq3I/AAAAAAAAAEE/53TJeTNmok4/s320/561856_156428124495569_714389413_n.jpg)
This bug only affects Thunderbird on Linux. #CVE-2021-29987: Users could have been tricked into accepting unwanted permissions on Linux Reporter Irvan Kurniawan Impact moderate DescriptionĪfter requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.
![repair mozilla thunderbird repair mozilla thunderbird](https://i.ytimg.com/vi/fp-4qdDxcpY/maxresdefault.jpg)
#CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption Reporter Irvan Kurniawan Impact high Description This led to memory corruption and a potentially exploitable crash. Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. #CVE-2021-29984: Incorrect instruction reordering during JIT optimization Reporter Lukas Bernhard Impact high Description Thunderbird incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. #CVE-2021-29988: Memory corruption as a result of incorrect style treatment Reporter Irvan Kurniawan Impact high Description
Repair mozilla thunderbird code#
#CVE-2021-29981: Live range splitting could have led to conflicting assignments in the JIT Reporter Gary Kwong Impact high DescriptionĪn issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash. Note: This issue only affected Linux operating systems.
![repair mozilla thunderbird repair mozilla thunderbird](https://www.errorvault.com/en/images/runtime-errors_error-553_mozilla-thunderbird-error-553.png)
#CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption Reporter pahhur Impact high DescriptionĪ suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. Mozilla Foundation Security Advisory 2021-36 Security Vulnerabilities fixed in Thunderbird 91 Announced AugImpact high Products Thunderbird Fixed in