Bug 2219751 (CVE-2023-37211)
| Summary: | CVE-2023-37211 Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
| Component: | vulnerability | Assignee: | Nobody <nobody> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | abobrov, desktop-qa-list, elima, erack, jhorak, nobody, stransky, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | firefox 102.13, thunderbird 102.13 | Doc Type: | --- |
| Doc Text: |
The Mozilla Foundation Security Advisory describes this flaw as:
Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-07-13 16:54:33 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2217668, 2217669, 2217670, 2217671, 2217672, 2217673, 2217674, 2217675, 2217676, 2217677, 2217678, 2217684, 2217685, 2217686, 2217687, 2217688, 2217689, 2217690, 2217691, 2217692, 2217693, 2217694 | ||
| Bug Blocks: | 2217666 | ||
|
Description
Dhananjay Arunesh
2023-07-05 06:40:59 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4063 https://access.redhat.com/errata/RHSA-2023:4063 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:4064 https://access.redhat.com/errata/RHSA-2023:4064 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:4062 https://access.redhat.com/errata/RHSA-2023:4062 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:4068 https://access.redhat.com/errata/RHSA-2023:4068 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:4070 https://access.redhat.com/errata/RHSA-2023:4070 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:4065 https://access.redhat.com/errata/RHSA-2023:4065 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:4067 https://access.redhat.com/errata/RHSA-2023:4067 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:4069 https://access.redhat.com/errata/RHSA-2023:4069 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:4071 https://access.redhat.com/errata/RHSA-2023:4071 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:4072 https://access.redhat.com/errata/RHSA-2023:4072 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4073 https://access.redhat.com/errata/RHSA-2023:4073 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4066 https://access.redhat.com/errata/RHSA-2023:4066 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4076 https://access.redhat.com/errata/RHSA-2023:4076 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:4075 https://access.redhat.com/errata/RHSA-2023:4075 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:4074 https://access.redhat.com/errata/RHSA-2023:4074 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:4079 https://access.redhat.com/errata/RHSA-2023:4079 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-37211 |