CVE-2021-29984: 
NixOS vulnerability analysis and mitigation

CVE-2021-29984 is a high-severity vulnerability discovered in Mozilla Firefox and Thunderbird browsers that affects versions prior to Firefox 91, Firefox ESR 78.13, and Thunderbird 91/78.13. The vulnerability was reported by security researcher Lukas Bernhard and disclosed in August 2021 (Mozilla Advisory).

The vulnerability stems from incorrect instruction reordering during JIT (Just-In-Time) optimization. Specifically, the instruction reordering pass moves the Concat operation between StoreElement and SetInitializedLength instructions, which causes an object to be incorrectly considered during garbage collection. This leads to memory corruption and potentially exploitable crashes. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

The vulnerability could result in memory corruption and potentially lead to arbitrary code execution. In Thunderbird, while these flaws cannot be exploited through email (as scripting is disabled when reading mail), they remain potential risks in browser or browser-like contexts (Mozilla Advisory).

The vulnerability has been fixed in Firefox 91, Firefox ESR 78.13, Thunderbird 91, and Thunderbird 78.13. Users are advised to upgrade to these versions or later. The fix involves implementing checks for SetInitializedLength when reordering instructions during JIT optimization (Mozilla Advisory).