Bug 2055591 (CVE-2022-0566)

Summary: CVE-2022-0566 thunderbird: Crafted email could trigger an out-of-bounds write
Product: [Other] Security Response Reporter: Sandipan Roy <saroy>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: erack, gecko-bugs-nobody, jhorak, kai-engert-fedora, klaas, nobody, pjasicek, rhughes, rstrode, sandmann, stransky, thomas, tpopela
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Thunderbird 91.6.1 Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Thunderbird. The vulnerability occurs due to an out-of-bounds write of one byte when processing the message. This flaw allows an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-03-14 15:01:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2055592, 2057254, 2057255, 2057256, 2057257, 2060203, 2060204, 2060205, 2060206, 2060207, 2060208, 2060209, 2060210, 2060833, 2062650    
Bug Blocks: 2055593    

Description Sandipan Roy 2022-02-17 10:15:05 UTC 
It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message.

Fixed in 91.6.1

References:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-07/#CVE-2022-0566
https://bugzilla.mozilla.org/show_bug.cgi?id=1753094
Comment 1 Sandipan Roy 2022-02-17 10:16:49 UTC 
Created thunderbird tracking bugs for this issue:

Affects: fedora-all [bug 2055592]
Comment 5 errata-xmlrpc 2022-03-14 10:04:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:0843 https://access.redhat.com/errata/RHSA-2022:0843
Comment 6 errata-xmlrpc 2022-03-14 10:07:41 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:0847 https://access.redhat.com/errata/RHSA-2022:0847
Comment 7 errata-xmlrpc 2022-03-14 10:12:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:0845 https://access.redhat.com/errata/RHSA-2022:0845
Comment 8 errata-xmlrpc 2022-03-14 10:25:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:0853 https://access.redhat.com/errata/RHSA-2022:0853
Comment 9 errata-xmlrpc 2022-03-14 10:44:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:0850 https://access.redhat.com/errata/RHSA-2022:0850
Comment 10 Product Security DevOps Team 2022-03-14 15:01:09 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-0566