When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure.
Acknowledgments: Name: the Mozilla project Upstream: Jeff Gilbert, Kenneth Russell
External References: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6821
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:1404 https://access.redhat.com/errata/RHSA-2020:1404
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:1406 https://access.redhat.com/errata/RHSA-2020:1406
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-6821
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:1420 https://access.redhat.com/errata/RHSA-2020:1420
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:1429 https://access.redhat.com/errata/RHSA-2020:1429
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:1488 https://access.redhat.com/errata/RHSA-2020:1488
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:1489 https://access.redhat.com/errata/RHSA-2020:1489
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:1496 https://access.redhat.com/errata/RHSA-2020:1496
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:1495 https://access.redhat.com/errata/RHSA-2020:1495