CVE-2023-25736: 
NixOS vulnerability analysis and mitigation

CVE-2023-25736 is a security vulnerability discovered in Mozilla Firefox versions prior to 110. The vulnerability was identified as an invalid downcast from nsHTMLDocument to nsIContent that could lead to undefined behavior. The issue was officially disclosed on February 14, 2023, as part of Mozilla's security advisory MFSA2023-05 (Mozilla Advisory).

The vulnerability stems from an invalid downcast operation in the GetTableSelectionMode function where an nsHTMLDocument object is incorrectly cast to nsIContent. While the behavior might be safe-ish outside of undefined behavior issues, the only method called on startContent is IsHTMLElement, which is an inline method that performs mNodeInfo->Equals(aTag, kNameSpaceID_XHTML) operation. The vulnerability was assigned a CVSS v3.1 base score of 9.8 (CRITICAL) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability was rated as having a low security impact by Mozilla. While the undefined behavior could potentially lead to security issues, the actual impact was limited due to the specific implementation details of the affected code (Mozilla Advisory).

The vulnerability was fixed in Firefox version 110. Users are advised to upgrade to Firefox 110 or later versions to receive the security patch. The fix involved removing a useless static_cast operation in the affected code (Mozilla Advisory).