Bug 2275555 (CVE-2024-3864)
Summary: | CVE-2024-3864 Mozilla: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
Status: | NEW --- | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | abobrov, erack, gotiwari, jhorak, mvyas, tpopela |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | firefox 115.10, thunderbird 115.10 | Doc Type: | --- |
Doc Text: |
The Mozilla Foundation Security Advisory describes this flaw as:
Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | Type: | --- | |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 2272959 |
Description
Mauro Matteo Cascella
2024-04-17 15:18:06 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2024:1904 https://access.redhat.com/errata/RHSA-2024:1904 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:1905 https://access.redhat.com/errata/RHSA-2024:1905 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:1907 https://access.redhat.com/errata/RHSA-2024:1907 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:1908 https://access.redhat.com/errata/RHSA-2024:1908 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:1906 https://access.redhat.com/errata/RHSA-2024:1906 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:1909 https://access.redhat.com/errata/RHSA-2024:1909 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:1911 https://access.redhat.com/errata/RHSA-2024:1911 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:1912 https://access.redhat.com/errata/RHSA-2024:1912 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:1910 https://access.redhat.com/errata/RHSA-2024:1910 |