CVE-2023-4582: 
NixOS vulnerability analysis and mitigation

A buffer overflow vulnerability (CVE-2023-4582) was discovered in Firefox's WebGL implementation, specifically in the glGetProgramiv function. The vulnerability was caused by lenient large allocation checks in Angle for GLSL shaders when allocating private shader memory. This vulnerability only affects Firefox versions prior to 117, Firefox ESR versions prior to 115.2, and Thunderbird versions prior to 115.2, and is specifically limited to macOS systems (Mozilla Advisory).

The vulnerability occurs in the WebGL glGetProgramiv function where large allocation checks in Angle for GLSL shaders were too permissive. The issue manifests when allocating private shader memory on macOS, leading to a buffer overflow condition. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

While the vulnerability has a high CVSS score, its actual impact is considered low due to its limited scope. The buffer overflow condition results in a crash that is non-exploitable for remote code execution, though it can be used for denial of service attacks. The vulnerability only affects Firefox running on macOS systems, with other operating systems being unaffected (Mozilla Advisory).

The vulnerability was fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. The fix involves implementing stricter validation checks for shader memory allocation in the ANGLE graphics engine. After the patch, instead of crashing, the browser now displays an alert warning about excessive private variable size when attempting to exploit the vulnerability (Bugzilla).