The `bufferdata` function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.* External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693
Acknowledgments: Name: the Mozilla project Upstream: crixer
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:1265 https://access.redhat.com/errata/RHSA-2019:1265
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:1267 https://access.redhat.com/errata/RHSA-2019:1267
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1269 https://access.redhat.com/errata/RHSA-2019:1269
Statement: In general, this flaw cannot be exploited through email in Thunderbird because scripting is disabled when reading mail, but it is potentially a risk in browser or browser-like contexts.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1308 https://access.redhat.com/errata/RHSA-2019:1308
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:1309 https://access.redhat.com/errata/RHSA-2019:1309
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:1310 https://access.redhat.com/errata/RHSA-2019:1310