Bug 2128797 (CVE-2022-40962)
| Summary: | CVE-2022-40962 Mozilla: Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | erack, jhorak, nobody, stransky, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | firefox 102.3, thunderbird 102.3 | Doc Type: | --- |
| Doc Text: |
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Mozilla developers Nika Layzell, Timothy Nikkel, Jeff Muizelaar, Sebastian Hengst, Andreas Pehrson, and the Mozilla Fuzzing Team reporting memory safety bugs present in Firefox 104 and Firefox ESR 102.2. Some of these bugs showed evidence of memory corruption and the presumption that with enough effort, some have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-11-28 10:31:12 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2125993, 2125994, 2125995, 2125996, 2125997, 2125998, 2125999, 2126000, 2126001, 2126002, 2126003, 2126004, 2126012, 2126013, 2126014, 2126015, 2126016, 2126017, 2126018, 2126019, 2126020, 2126021, 2126022, 2126023 | ||
| Bug Blocks: | 2125991 | ||
|
Description
Mauro Matteo Cascella
2022-09-21 14:07:35 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:6703 https://access.redhat.com/errata/RHSA-2022:6703 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:6701 https://access.redhat.com/errata/RHSA-2022:6701 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6700 https://access.redhat.com/errata/RHSA-2022:6700 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6702 https://access.redhat.com/errata/RHSA-2022:6702 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:6713 https://access.redhat.com/errata/RHSA-2022:6713 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:6707 https://access.redhat.com/errata/RHSA-2022:6707 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:6710 https://access.redhat.com/errata/RHSA-2022:6710 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:6711 https://access.redhat.com/errata/RHSA-2022:6711 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6708 https://access.redhat.com/errata/RHSA-2022:6708 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:6716 https://access.redhat.com/errata/RHSA-2022:6716 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:6715 https://access.redhat.com/errata/RHSA-2022:6715 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6717 https://access.redhat.com/errata/RHSA-2022:6717 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-40962 |