Bug 1843030 (CVE-2020-12410)
| Summary: | CVE-2020-12410 Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | msiddiqu |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | cschalle, gecko-bugs-nobody, jhorak, security-response-team, stransky |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | firefox 68.9, thunderbird 68.9.0 | Doc Type: | If docs needed, set a value |
| Doc Text: |
The Mozilla Foundation Security Advisory describes this flaw as:
Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-06-03 11:20:36 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1840064, 1840065, 1840066, 1840067, 1840069, 1840070, 1840071, 1840095, 1840096, 1840097, 1840098, 1840099, 1840100, 1840101 | ||
| Bug Blocks: | 1840062 | ||
|
Description
msiddiqu
2020-06-02 15:16:34 UTC
Acknowledgments: Name: the Mozilla project Upstream: Tom Tung and Karl Tomlinson This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:2379 https://access.redhat.com/errata/RHSA-2020:2379 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:2380 https://access.redhat.com/errata/RHSA-2020:2380 This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:2378 https://access.redhat.com/errata/RHSA-2020:2378 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-12410 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:2382 https://access.redhat.com/errata/RHSA-2020:2382 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:2381 https://access.redhat.com/errata/RHSA-2020:2381 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:2616 https://access.redhat.com/errata/RHSA-2020:2616 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:2611 https://access.redhat.com/errata/RHSA-2020:2611 This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:2613 https://access.redhat.com/errata/RHSA-2020:2613 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:2614 https://access.redhat.com/errata/RHSA-2020:2614 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:2615 https://access.redhat.com/errata/RHSA-2020:2615 |