CVE-2023-4046 in Firefoxinfo

Summary

by MITRE • 08/01/2023

In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 06/20/2025

This vulnerability represents a critical issue in the WebAssembly Just-In-Time compilation process within Mozilla Firefox browsers. The flaw manifests as a stale value usage in global variable handling during WASM JIT analysis, creating a scenario where outdated or corrupted data persists in memory during code compilation. The vulnerability specifically impacts Firefox versions prior to 116, Firefox ESR versions prior to 102.14, and Firefox ESR versions prior to 115.1, indicating a widespread exposure across multiple browser release channels.

The technical implementation of this vulnerability stems from improper handling of global variable state within the WebAssembly JIT compiler. During the compilation phase, the system fails to properly invalidate or refresh global variable values, leading to the reuse of stale data that may have been modified by other code paths or threads. This creates a race condition or state management issue where the JIT compiler operates on incorrect variable values, resulting in malformed machine code generation. The flaw exists at the intersection of memory management and compilation optimization, where the compiler assumes consistent state that may not reflect actual runtime conditions.

The operational impact of this vulnerability extends beyond simple compilation errors to potentially enabling remote code execution through controlled crashes. When the JIT compiler processes code with stale global variable values, it can generate malformed machine instructions that cause crashes in the content process. These crashes may be exploitable through memory corruption techniques, allowing attackers to potentially execute arbitrary code with the privileges of the browser user. The content process vulnerability is particularly concerning as it represents the primary attack surface for web-based exploits, enabling attackers to bypass sandboxing mechanisms that typically protect the browser from malicious code execution.

This vulnerability maps to CWE-116 improper state management and CWE-121 stack buffer overflow, with potential ATT&CK techniques including T1059 command and scripting interpreter and T1203 Exploitation for Client Execution. The flaw demonstrates the complexity of modern JIT compilers and the challenges in maintaining memory consistency across multiple execution contexts. Mitigation strategies include updating to patched browser versions, implementing additional runtime checks for global variable state, and enhancing the memory management subsystem to prevent stale value propagation. Organizations should prioritize immediate patch deployment and consider implementing browser hardening measures to reduce the attack surface for similar JIT-related vulnerabilities.

Reservation

08/01/2023

Disclosure

08/01/2023

Moderation

accepted

CPE

ready

EPSS

0.01007

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!