CVE-2021-29981: 
NixOS vulnerability analysis and mitigation

CVE-2021-29981 is a vulnerability discovered in Mozilla Firefox and Thunderbird's JavaScript engine JIT compiler. The issue, present in lowering/register allocation, could lead to register confusion failures in JITted code, affecting Firefox versions prior to 91 and Thunderbird versions prior to 91. The vulnerability was reported by Gary Kwong and was disclosed in August 2021 (Mozilla Advisory).

The vulnerability stems from an issue in the JavaScript engine's JIT compiler where live range splitting could lead to conflicting register assignments. The problem occurs specifically in the register allocation phase where incorrect handling of constant values and register assignments could result in memory corruption. The vulnerability has a CVSS v3.1 base score of 8.8 (HIGH) with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

The vulnerability could lead to deterministic register confusion failures in JITted code, potentially resulting in an exploitable crash. This could allow attackers to execute arbitrary code on affected systems, compromising the confidentiality, integrity, and availability of the system (Mozilla Advisory).

The vulnerability was fixed in Firefox 91 and Thunderbird 91. Users are advised to upgrade to these versions or later. For Gentoo Linux users, specific package updates are available: www-client/firefox >= 91.6.0 and www-client/firefox-bin >= 91.6.0 (Gentoo Advisory).