Bug 2136159 (CVE-2022-42932)
| Summary: | CVE-2022-42932 Mozilla: Memory safety bugs fixed in Firefox ESR 102.4 and Thunderbird 102.4 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | erack, jhorak, nobody, stransky, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | firefox 102.4, thunderbird 102.4 | Doc Type: | --- |
| Doc Text: |
The Mozilla Foundation Security Advisory describes this flaw as:
Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-12-02 15:03:24 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2133355, 2133356, 2133357, 2133358, 2133359, 2133360, 2133361, 2133362, 2133363, 2133364, 2133365, 2133366, 2133369, 2133370, 2133371, 2133372, 2133373, 2133374, 2133375, 2133376, 2133377, 2133378 | ||
| Bug Blocks: | 2133352 | ||
|
Description
Mauro Matteo Cascella
2022-10-19 13:02:45 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:7066 https://access.redhat.com/errata/RHSA-2022:7066 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:7068 https://access.redhat.com/errata/RHSA-2022:7068 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:7069 https://access.redhat.com/errata/RHSA-2022:7069 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7070 https://access.redhat.com/errata/RHSA-2022:7070 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:7072 https://access.redhat.com/errata/RHSA-2022:7072 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:7071 https://access.redhat.com/errata/RHSA-2022:7071 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:7178 https://access.redhat.com/errata/RHSA-2022:7178 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:7182 https://access.redhat.com/errata/RHSA-2022:7182 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:7183 https://access.redhat.com/errata/RHSA-2022:7183 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:7181 https://access.redhat.com/errata/RHSA-2022:7181 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:7184 https://access.redhat.com/errata/RHSA-2022:7184 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:7190 https://access.redhat.com/errata/RHSA-2022:7190 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-42932 |