
Firefox fixes serious mystery bug that also affects Google Chrome

The Mozilla Foundation has released Firefox 84 for the browser, fixing several flaws and providing performance improvements and Apple processor support.

The Mozilla Foundation’s update to the Firefox Web browser, released Tuesday, addresses a critical vulnerability and a number of high-severity bugs. Mozilla also released the update as Firefox version 84 to improve browser performance and add native support for macOS hardware running on its own Apple processors.

In addition to the critical bug, tracked as CVE-2020-16042, a total of six high-severity vulnerabilities were fixed. The same critical bug was also highlighted in a Google security update earlier this month, where it was rated as a high-severity vulnerability.

Both browser makers have still not fully described the bug involved (CVE-2020-16042), listing it only as a memory error.

Mystery bug also affects Google
In the Mozilla security bulletin, CVE-2020-16042 is described as a flaw in the JavaScript component BigInt that “could lead to uninitialized memory being exposed.”

According to Mozilla, BigInt is a JavaScript component used to represent “arbitrarily large integers” in the context of a JavaScript process within the browser.

Google describes the same flaw differently. It calls it an “uninitialized use” bug affecting Chrome’s V8 JavaScript engine. The exact nature of the vulnerability is unclear from the Google announcement. But cybersecurity researchers describe these types of uninitialized use errors as “greatly ignored” and often “treated as insignificant storage errors.”

A 2017 study published by Georgia Tech suggests that “these are actually key attack vectors that hackers can reliably use to launch privilege elevation attacks in the Linux kernel.”
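As an added illustration of the bug class the article is describing (this is not code from the article, from V8 or from Firefox, and it does not model the undisclosed CVE-2020-16042 flaw): a toy big-integer type built on a non-zeroing bump allocator shows how an allocation that is only partly written exposes whatever the memory previously held, and how explicit initialisation of every digit closes the hole. The arena allocator, the `bigint_t` type and the planted secret value are all constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy bump allocator over a static arena (constructed): hands back memory without clearing it. */
static uint8_t arena[256];
static size_t arena_top = 0;

static void *arena_alloc(size_t n) {
    if (arena_top + n > sizeof arena) return NULL;
    void *p = arena + arena_top;
    arena_top += n;
    return p;
}

/* Toy big integer: a digit count plus an array of 32-bit digits. */
typedef struct { size_t ndigits; uint32_t *digits; } bigint_t;

/* LEAKY: reserves ndigits digits but writes only the first; the rest is stale memory (uninitialized use). */
static bigint_t bigint_from_u32_leaky(uint32_t v, size_t ndigits) {
    bigint_t b = { ndigits, arena_alloc(ndigits * sizeof(uint32_t)) };
    if (b.digits) b.digits[0] = v;
    return b;
}

/* HARDENED: every digit is initialized before the object escapes. */
static bigint_t bigint_from_u32(uint32_t v, size_t ndigits) {
    bigint_t b = { ndigits, arena_alloc(ndigits * sizeof(uint32_t)) };
    if (b.digits) { memset(b.digits, 0, ndigits * sizeof(uint32_t)); b.digits[0] = v; }
    return b;
}

/* Stand-in for an earlier tenant that left a secret behind and was "freed" (pointer rewound, nothing wiped). */
static void plant_stale_secret(uint32_t secret) {
    uint32_t *old = arena_alloc(4 * sizeof(uint32_t));
    if (old) for (int i = 0; i < 4; i++) old[i] = secret;
    arena_top = 0;
}

/* Builds the 4-digit value 1 after a secret was planted and returns digit 1: 0 when hardened, the secret when leaky. */
uint32_t second_digit(int use_leaky) {
    arena_top = 0;
    plant_stale_secret(0xDEADBEEFu);
    bigint_t b = use_leaky ? bigint_from_u32_leaky(1, 4) : bigint_from_u32(1, 4);
    return b.digits ? b.digits[1] : 0;
}

int main(void) {
    printf("leaky digit[1]: %#x  hardened digit[1]: %#x\n", second_digit(1), second_digit(0));
    return 0;
}
```

The same partial-write pattern is what compiler warnings and memory sanitizers (MSan) flag as a use of uninitialized memory; zeroing on allocation or initialising every field is the standard mitigation.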

Last week, Microsoft also cited the CVE as part of its December Patch Tuesday patch list, noting that it affects Edge browser version 87.0.664.57. Microsoft’s Edge browser was released in January 2020 and is based on Google’s open-source Chromium project. Chromium source code is used in both Google’s browser and Microsoft’s 2020 Edge browser.

V8 JavaScript engine and WebAssembly
The V8 open source JavaScript engine was developed by the Chromium Project for Google and the Chromium Web browser. Firefox does not support the V8 JavaScript engine, but the WebAssembly component typically associated with V8 is supported.

WebAssembly, or WASM for short, is an open standard that defines a portable binary code format for executable programs, according to the WebAssembly Project. According to the project’s website, “WebAssembly describes a memory-safe sandboxed execution environment that can be implemented even inside existing JavaScript virtual machines.”

Mozilla’s Firefox browser is not based on Chromium. Mozilla Firefox and Apple Safari support WASM, even though neither of them uses Google’s V8. Some clues about the nature of the vulnerability can be drawn from the fact that it affects both Firefox and Chrome: the common denominator is WASM. In addition, analysis of the WASM and V8 bugs in 2018 warned of possible security issues.

In 2018, Google’s Project Zero released a study called “WebAssembly Issues and Promises” and identified three vulnerabilities that have been mitigated. Google warns that future WASM threats are related to WebAssembly’s garbage collector (GC) functionality.

WebAssembly Culprit?
GC is an important process associated with the JavaScript engine. “Java applications fetch objects in memory as needed. In the Java Virtual Machine (JVM), the task of the GC is to automatically identify memory that is no longer used by the Java application and reclaim that memory for other uses,” John Worthington said in a post about the importance of GC.

As for Google, it issued a warning in 2018 that

“WebAssembly GC is another potential feature of WebAssembly that could lead to security issues. Currently, there are performance issues with some uses of WebAssembly due to the lack of advanced memory management in WebAssembly. For example, it is difficult to implement a high-performance Java virtual machine in WebAssembly. If WebAssembly GC were implemented, it would increase the number of applications available for WebAssembly, but it would also make vulnerabilities related to memory management more likely in the WebAssembly engine and applications written in WebAssembly.”

Technical details of the CVE are not yet publicly available on the two national vulnerability database repositories, MITRE and NIST. In its December security bulletin, Google notes that details related to CVE-2020-16042 and other bugs are being held “until a fix has been made for most users.” It also notes that technical details of the bug will remain limited if the bug exists in third-party codebases used in other devices or platforms.

According to Google, bug hunter André Bargull, who is credited with finding the bug, originally reported it on Nov. 23.

Six highly serious Firefox bugs
Memory issues dominated the list of high-severity vulnerabilities patched by Mozilla on Tuesday. Two “memory security bugs” (CVE-2020-35114 and CVE-2020-35113) were fixed. Both CVEs address bugs in Firefox 84 and its large enterprise Firefox Extended Support Release (ESR) 78.6 browser.

Mozilla wrote: “Some of these bugs show signs of memory corruption, and we believe that, with sufficient effort, some of these vulnerabilities may have been exploited to run arbitrary code.”

Also related to browser memory are bugs tracked as CVE-2020-26971, CVE-2020-26972 and CVE-2020-26973, which include a heap buffer overflow in WebGL, a use-after-free in WebGL and a CSS sanitizer flaw in which sanitization is performed incorrectly.