Bug 1831765 (CVE-2020-12395)
| Summary: | CVE-2020-12395 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | msiddiqu |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | unspecified | CC: | cschalle, gecko-bugs-nobody, jhorak, security-response-team, stransky |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | firefox 68.8, thunderbird 68.8.0 | Doc Type: | If docs needed, set a value |
| Doc Text: |
Memory safety flaws were found in Mozilla Firefox and Thunderbird. Memory corruption that an attacker could leverage with enough effort, could allow arbitrary code to run. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-05-06 10:32:06 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1828972, 1828973, 1828974, 1828975, 1828976, 1828977, 1828978, 1831592, 1831593, 1831594, 1831595, 1831596, 1831597, 1831598 | ||
| Bug Blocks: | 1828970 | ||
|
Description
msiddiqu
2020-05-05 15:14:57 UTC
Acknowledgments: Name: the Mozilla project Upstream: Alexandru Michis, Jason Kratzer, philipp, Ted Campbell, Bas Schouten, André Bargull, Karl Tomlinson This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:2033 https://access.redhat.com/errata/RHSA-2020:2033 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:2032 https://access.redhat.com/errata/RHSA-2020:2032 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:2031 https://access.redhat.com/errata/RHSA-2020:2031 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-12395 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:2037 https://access.redhat.com/errata/RHSA-2020:2037 This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:2036 https://access.redhat.com/errata/RHSA-2020:2036 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:2048 https://access.redhat.com/errata/RHSA-2020:2048 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:2047 https://access.redhat.com/errata/RHSA-2020:2047 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:2046 https://access.redhat.com/errata/RHSA-2020:2046 This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:2049 https://access.redhat.com/errata/RHSA-2020:2049 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:2050 https://access.redhat.com/errata/RHSA-2020:2050 |