Critical severity9.8NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026
CVE-2017-7824
CVE-2017-7824
Description
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
45- osv-coords42 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%206pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/mozilla-nss&distro=SUSE%20OpenStack%20Cloud%206pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Package%20Hub%2012
< 128.5.1-1.1+ 41 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 92.0-1.2
- (no CPE)range: < 91.1.1-1.1
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-72.13.2
- (no CPE)range: < 52.4.0esr-72.13.2
- (no CPE)range: < 52.4.0esr-72.13.2
- (no CPE)range: < 52.4.0esr-72.13.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-72.13.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-72.13.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 52.4.0esr-109.6.2
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-47.6.1
- (no CPE)range: < 3.29.5-47.6.1
- (no CPE)range: < 3.29.5-47.6.1
- (no CPE)range: < 3.29.5-47.6.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-47.6.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-47.6.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 3.29.5-58.3.1
- (no CPE)range: < 52.4.0-45.1
unspecified+ 1 more
- (no CPE)range: unspecified
- (no CPE)range: unspecified
- Range: unspecified
Patches
Vulnerability mechanics
References
12- www.securityfocus.com/bid/101053nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039465nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:2831nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2885nvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2017/11/msg00000.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201803-14nvdThird Party Advisory
- www.debian.org/security/2017/dsa-3987nvdThird Party Advisory
- www.debian.org/security/2017/dsa-4014nvdThird Party Advisory
- www.mozilla.org/security/advisories/mfsa2017-21/nvdVendor Advisory
- www.mozilla.org/security/advisories/mfsa2017-22/nvdVendor Advisory
- www.mozilla.org/security/advisories/mfsa2017-23/nvdVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.