CVE-2022-34479: 
NixOS vulnerability analysis and mitigation

CVE-2022-34479 is a high-impact security vulnerability discovered in Firefox and Thunderbird that affects Linux systems. The vulnerability was discovered by Irvan Kurniawan and disclosed on June 28, 2022. It affects Firefox versions < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11 (Mozilla Advisory).

The vulnerability allows a malicious website to create a popup window that could be resized to overlay the address bar with its own content. This occurs specifically when using window.sizeToContent() on a page with a large margin top, which causes the address bar UI to be pushed up and replaced with HTML5 page content. The issue only affects systems running Firefox or Thunderbird on Linux using X11 or XWayland window protocols, and specifically when WebRender is enabled (Mozilla Advisory, Bugzilla).

The vulnerability enables potential user confusion and spoofing attacks by allowing malicious websites to overlay and replace the address bar content with their own. This could lead to effective phishing attacks where users might be misled about the actual website they are visiting (Mozilla Advisory).

The vulnerability was fixed in Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11. Users should update to these versions or newer to protect against this vulnerability. For Linux users specifically, switching to Wayland protocol (by setting MOZENABLEWAYLAND=1) instead of X11/XWayland can also prevent the exploitation of this vulnerability (Mozilla Advisory, Bugzilla).