Memory safety errors in libGLES in the ANGLE graphics library

2015-09-22T00:00:00
ID MFSA2015-113
Type mozilla
Reporter Mozilla Foundation
Modified 2015-09-22T00:00:00

Description

Security researcher Ronald Crane reported two issues in the libGLES portions of the ANGLE graphics library, used for WebGL and OpenGL content on Windows systems. The first of these is a missing bounds check leading to memory safety errors when manipulating shaders which could result in the writing to unowned memory. The second issue also affects shaders when insufficient memory is allocated for a shader attribute array, leading to a buffer overflow. Both of these issues can lead to a potentially exploitable crash.

These issues are specific to Windows and does not affect Linux or OS X systems.

In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts.