Bug 2356563 (CVE-2025-3030)
| Summary: | CVE-2025-3030 firefox: thunderbird: Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | erack, gotiwari, jhorak, mvyas, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-04-01 13:01:22 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:3556 https://access.redhat.com/errata/RHSA-2025:3556 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2025:3581 https://access.redhat.com/errata/RHSA-2025:3581 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:3582 https://access.redhat.com/errata/RHSA-2025:3582 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:3587 https://access.redhat.com/errata/RHSA-2025:3587 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2025:3589 https://access.redhat.com/errata/RHSA-2025:3589 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:3590 https://access.redhat.com/errata/RHSA-2025:3590 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:3623 https://access.redhat.com/errata/RHSA-2025:3623 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2025:3620 https://access.redhat.com/errata/RHSA-2025:3620 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:3621 https://access.redhat.com/errata/RHSA-2025:3621 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:3628 https://access.redhat.com/errata/RHSA-2025:3628 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:4026 https://access.redhat.com/errata/RHSA-2025:4026 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2025:4027 https://access.redhat.com/errata/RHSA-2025:4027 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2025:4029 https://access.redhat.com/errata/RHSA-2025:4029 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:4028 https://access.redhat.com/errata/RHSA-2025:4028 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:4032 https://access.redhat.com/errata/RHSA-2025:4032 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2025:4031 https://access.redhat.com/errata/RHSA-2025:4031 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:4030 https://access.redhat.com/errata/RHSA-2025:4030 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:4169 https://access.redhat.com/errata/RHSA-2025:4169 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:4170 https://access.redhat.com/errata/RHSA-2025:4170 This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:7491 https://access.redhat.com/errata/RHSA-2025:7491 This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:7493 https://access.redhat.com/errata/RHSA-2025:7493 |