CVE-2023-29548: 
NixOS vulnerability analysis and mitigation

A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability (CVE-2023-29548) was discovered in April 2023 and affects multiple Mozilla products including Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10 (Mozilla Advisory).

The vulnerability occurs when lowering UDiv MIR (Middle-level Intermediate Representation) to LIR (Low-level Intermediate Representation) in the ARM64 Ion compiler. The issue arises when handling constant values in division operations, specifically when the divisor is the negation of an integer which is power of two. In such cases, the compiler incorrectly calculates the shift value using the absolute value of the divisor, leading to an incorrect optimization result (Mozilla Bug). The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium) with vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N (NVD).

The vulnerability results in wrong optimization results for unsigned division operations on ARM64 platforms. While the direct security impact is considered low, incorrect computation results could potentially lead to security issues in WebAssembly applications (Mozilla Advisory).

The vulnerability was fixed in Firefox 112, Firefox ESR 102.10, and Thunderbird 102.10. The fix involved modifying the compiler to correctly handle unsigned values during the optimization process. Users should upgrade to these or later versions to mitigate the vulnerability (Mozilla Advisory).