Bug 2349793 (CVE-2025-1938)
| Summary: | CVE-2025-1938 firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | erack, gotiwari, jhorak, mvyas, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-03-04 14:01:21 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:2359 https://access.redhat.com/errata/RHSA-2025:2359 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:2452 https://access.redhat.com/errata/RHSA-2025:2452 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:2481 https://access.redhat.com/errata/RHSA-2025:2481 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2025:2480 https://access.redhat.com/errata/RHSA-2025:2480 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:2479 https://access.redhat.com/errata/RHSA-2025:2479 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:2485 https://access.redhat.com/errata/RHSA-2025:2485 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2025:2484 https://access.redhat.com/errata/RHSA-2025:2484 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2025:2486 https://access.redhat.com/errata/RHSA-2025:2486 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:2699 https://access.redhat.com/errata/RHSA-2025:2699 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:2708 https://access.redhat.com/errata/RHSA-2025:2708 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:2899 https://access.redhat.com/errata/RHSA-2025:2899 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:2900 https://access.redhat.com/errata/RHSA-2025:2900 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:2957 https://access.redhat.com/errata/RHSA-2025:2957 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:2960 https://access.redhat.com/errata/RHSA-2025:2960 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2025:2958 https://access.redhat.com/errata/RHSA-2025:2958 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2025:2959 https://access.redhat.com/errata/RHSA-2025:2959 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2025:3009 https://access.redhat.com/errata/RHSA-2025:3009 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:3013 https://access.redhat.com/errata/RHSA-2025:3013 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:3036 https://access.redhat.com/errata/RHSA-2025:3036 |