Bug 2030116 (CVE-2021-4129)
| Summary: | CVE-2021-4129 Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Doran Moppert <dmoppert> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | erack, jhorak, nobody, stransky, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | firefox 91.4.0, thunderbird 91.4.0 | Doc Type: | If docs needed, set a value |
| Doc Text: |
The Mozilla Foundation Security Advisory describes this flaw as:
Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Thunderbird 91.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-12-08 11:35:37 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2029262, 2029263, 2029264, 2029265, 2029266, 2029267, 2029268, 2029274, 2029735, 2029736, 2029737, 2029738, 2029739, 2029740 | ||
| Bug Blocks: | 2029260 | ||
|
Description
Doran Moppert
2021-12-08 02:36:17 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2021:5017 https://access.redhat.com/errata/RHSA-2021:5017 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:5013 https://access.redhat.com/errata/RHSA-2021:5013 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2021:5015 https://access.redhat.com/errata/RHSA-2021:5015 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:5016 https://access.redhat.com/errata/RHSA-2021:5016 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:5014 https://access.redhat.com/errata/RHSA-2021:5014 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:5047 https://access.redhat.com/errata/RHSA-2021:5047 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:5045 https://access.redhat.com/errata/RHSA-2021:5045 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2021:5048 https://access.redhat.com/errata/RHSA-2021:5048 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:5046 https://access.redhat.com/errata/RHSA-2021:5046 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2021:5055 https://access.redhat.com/errata/RHSA-2021:5055 |