Bug 2196740 (CVE-2023-32211)

Summary: CVE-2023-32211 Mozilla: Content process crash due to invalid wasm code
Product: [Other] Security Response Reporter: Dhananjay Arunesh <darunesh>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: abobrov, elima, erack, jhorak, nobody, stransky, tpopela
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: firefox 102.11, thunderbird 102.11 Doc Type: ---
Doc Text:
The Mozilla Foundation Security Advisory describes this flaw as: A type checking bug would have led to invalid code being compiled.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2023-05-18 12:34:13 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2192787, 2192788, 2192789, 2192790, 2192791, 2192792, 2192793, 2192794, 2192795, 2192796, 2192797, 2192798, 2192801, 2192802, 2192803, 2192804, 2192805, 2192806, 2192807, 2192808, 2192809, 2192810, 2192811, 2192812    
Bug Blocks: 2192785    

Description Dhananjay Arunesh 2023-05-10 06:11:37 UTC 
A type checking bug would have led to invalid code being compiled.

External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-17/#CVE-2023-32211
Comment 1 errata-xmlrpc 2023-05-16 18:39:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:3138 https://access.redhat.com/errata/RHSA-2023:3138
Comment 2 errata-xmlrpc 2023-05-16 18:39:51 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:3139 https://access.redhat.com/errata/RHSA-2023:3139
Comment 3 errata-xmlrpc 2023-05-16 18:47:23 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:3137 https://access.redhat.com/errata/RHSA-2023:3137
Comment 4 errata-xmlrpc 2023-05-16 18:52:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:3142 https://access.redhat.com/errata/RHSA-2023:3142
Comment 5 errata-xmlrpc 2023-05-16 18:52:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2023:3140 https://access.redhat.com/errata/RHSA-2023:3140
Comment 6 errata-xmlrpc 2023-05-16 19:01:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:3141 https://access.redhat.com/errata/RHSA-2023:3141
Comment 7 errata-xmlrpc 2023-05-16 19:03:08 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:3143 https://access.redhat.com/errata/RHSA-2023:3143
Comment 8 errata-xmlrpc 2023-05-16 19:38:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:3150 https://access.redhat.com/errata/RHSA-2023:3150
Comment 9 errata-xmlrpc 2023-05-16 19:39:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:3149 https://access.redhat.com/errata/RHSA-2023:3149
Comment 10 errata-xmlrpc 2023-05-16 19:40:42 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:3152 https://access.redhat.com/errata/RHSA-2023:3152
Comment 11 errata-xmlrpc 2023-05-16 19:40:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:3153 https://access.redhat.com/errata/RHSA-2023:3153
Comment 12 errata-xmlrpc 2023-05-16 19:41:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2023:3154 https://access.redhat.com/errata/RHSA-2023:3154
Comment 13 errata-xmlrpc 2023-05-16 19:42:23 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:3151 https://access.redhat.com/errata/RHSA-2023:3151
Comment 14 errata-xmlrpc 2023-05-16 19:43:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:3155 https://access.redhat.com/errata/RHSA-2023:3155
Comment 17 errata-xmlrpc 2023-05-18 06:36:12 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:3221 https://access.redhat.com/errata/RHSA-2023:3221
Comment 18 errata-xmlrpc 2023-05-18 06:36:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:3220 https://access.redhat.com/errata/RHSA-2023:3220
Comment 19 Product Security DevOps Team 2023-05-18 12:34:11 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-32211