CVE-2021-29961: 
NixOS vulnerability analysis and mitigation

CVE-2021-29961 is a security vulnerability discovered in Mozilla Firefox affecting versions prior to 89.0. The vulnerability was disclosed on June 1, 2021, and involves an issue where Firefox did not apply correct clipping when styling and rendering an oversized <select> element, which allowed attackers to paint over the browser's user interface (Mozilla Advisory, NVD).

The vulnerability stems from a floating-point accuracy issue in Firefox's WebRender component. When handling extremely large transforms and primitive sizes, the browser failed to properly constrain the rendering of content within the iframe clip rect. This occurred specifically when the coordinate system was axis-aligned with respect to the global iframe clip rect, causing floating point accuracy loss that resulted in incorrect clip rect mapping (Mozilla Bug).

The vulnerability allows malicious websites to render content outside of their designated boundaries, potentially enabling UI spoofing attacks. An attacker could exploit this to paint over Firefox's user interface elements, including the address bar and toolbar, which could be used to deceive users about their current browsing context (NVD, Mozilla Advisory).

The vulnerability was fixed in Firefox 89.0. The solution involved applying iframe clips on tile caches instead of primitives, preventing floating point inaccuracy from affecting content outside an iframe. Users and administrators are advised to upgrade to Firefox version 89.0 or later to mitigate this vulnerability (Mozilla Advisory, Gentoo Advisory).