Bug 2291401 (CVE-2024-5700)
| Summary: | CVE-2024-5700 Mozilla: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Robb Gatica <rgatica> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | erack, gotiwari, jhorak, mvyas, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | firefox 115.12, thunderbird 115.12 | Doc Type: | --- |
| Doc Text: |
The Mozilla Foundation Security Advisory describes this flaw as:
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2284144 | ||
|
Description
Robb Gatica
2024-06-11 20:46:02 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2024:3952 https://access.redhat.com/errata/RHSA-2024:3952 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:3949 https://access.redhat.com/errata/RHSA-2024:3949 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:3950 https://access.redhat.com/errata/RHSA-2024:3950 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:3953 https://access.redhat.com/errata/RHSA-2024:3953 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:3954 https://access.redhat.com/errata/RHSA-2024:3954 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:3955 https://access.redhat.com/errata/RHSA-2024:3955 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:3951 https://access.redhat.com/errata/RHSA-2024:3951 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2024:3958 https://access.redhat.com/errata/RHSA-2024:3958 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2024:3972 https://access.redhat.com/errata/RHSA-2024:3972 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2024:4001 https://access.redhat.com/errata/RHSA-2024:4001 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:4003 https://access.redhat.com/errata/RHSA-2024:4003 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:4004 https://access.redhat.com/errata/RHSA-2024:4004 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:4002 https://access.redhat.com/errata/RHSA-2024:4002 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2024:4015 https://access.redhat.com/errata/RHSA-2024:4015 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:4016 https://access.redhat.com/errata/RHSA-2024:4016 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:4018 https://access.redhat.com/errata/RHSA-2024:4018 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:4036 https://access.redhat.com/errata/RHSA-2024:4036 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2024:4063 https://access.redhat.com/errata/RHSA-2024:4063 |