Bug 2039574 (CVE-2022-22751)
| Summary: | CVE-2022-22751 Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Doran Moppert <dmoppert> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | erack, jhorak, nobody, stransky, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | firefox 91.5, thunderbird 91.5 | Doc Type: | If docs needed, set a value |
| Doc Text: |
The Mozilla Foundation Security Advisory describes this flaw as:
Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these bugs showed evidence of memory corruption, some of which could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-01-12 14:34:15 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2037104, 2037105, 2037106, 2037107, 2037108, 2037109, 2037110, 2037111, 2037149, 2037150, 2037151, 2037152, 2037153, 2037154, 2037155, 2037156 | ||
| Bug Blocks: | 2037102 | ||
|
Description
Doran Moppert
2022-01-12 00:14:36 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:0123 https://access.redhat.com/errata/RHSA-2022:0123 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:0125 https://access.redhat.com/errata/RHSA-2022:0125 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:0130 https://access.redhat.com/errata/RHSA-2022:0130 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:0126 https://access.redhat.com/errata/RHSA-2022:0126 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:0131 https://access.redhat.com/errata/RHSA-2022:0131 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:0132 https://access.redhat.com/errata/RHSA-2022:0132 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:0128 https://access.redhat.com/errata/RHSA-2022:0128 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:0129 https://access.redhat.com/errata/RHSA-2022:0129 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:0124 https://access.redhat.com/errata/RHSA-2022:0124 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:0127 https://access.redhat.com/errata/RHSA-2022:0127 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-22751 |