Bug 2072559 (CVE-2022-1097)
Summary: | CVE-2022-1097 Mozilla: Use-after-free in NSSToken objects | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | erack, jhorak, nobody, stransky, tpopela |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | firefox 91.8, thunderbird 91.8 | Doc Type: | If docs needed, set a value |
Doc Text: |
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of NSSToken objects referenced via direct points that could have been accessed unsafely on different threads, leading to a use-after-free and potentially exploitable crash.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2022-04-12 17:26:53 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2069596, 2069597, 2069598, 2069599, 2069600, 2069601, 2069602, 2069603, 2069604, 2069610, 2072587, 2072588, 2072589, 2072590, 2072591, 2072592, 2072593, 2072594, 2072595 | ||
Bug Blocks: | 2069594 |
Description
Mauro Matteo Cascella
2022-04-06 14:17:59 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:1283 https://access.redhat.com/errata/RHSA-2022:1283 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:1286 https://access.redhat.com/errata/RHSA-2022:1286 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1287 https://access.redhat.com/errata/RHSA-2022:1287 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:1285 https://access.redhat.com/errata/RHSA-2022:1285 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:1284 https://access.redhat.com/errata/RHSA-2022:1284 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:1303 https://access.redhat.com/errata/RHSA-2022:1303 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1301 https://access.redhat.com/errata/RHSA-2022:1301 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:1305 https://access.redhat.com/errata/RHSA-2022:1305 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:1302 https://access.redhat.com/errata/RHSA-2022:1302 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:1326 https://access.redhat.com/errata/RHSA-2022:1326 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-1097 |