FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- 64 bit JIT WASM read on left over memroy

Affected packages
firefox < 136.0,2
firefox-esr < 115.21,1
librewolf < 136.0,2
thunderbird < 136.0

Details

VuXML ID a93a1d2a-109d-11f0-8195-b42e991fc52e
Discovery 2025-03-04
Entry 2025-04-03

security@mozilla.org reports:

On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type.

[source]

References

CVE Name CVE-2025-1933
URL https://nvd.nist.gov/vuln/detail/CVE-2025-1933

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.