Bug 2382703 (CVE-2025-8035)
| Summary: | CVE-2025-8035 firefox: thunderbird: Memory safety bugs | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | gotiwari, jhorak, mvyas, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:
Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140, and Thunderbird 140. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-07-22 21:01:32 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:11747 https://access.redhat.com/errata/RHSA-2025:11747 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:11748 https://access.redhat.com/errata/RHSA-2025:11748 This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:11797 https://access.redhat.com/errata/RHSA-2025:11797 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:12045 https://access.redhat.com/errata/RHSA-2025:12045 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:12046 https://access.redhat.com/errata/RHSA-2025:12046 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:12044 https://access.redhat.com/errata/RHSA-2025:12044 This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:12188 https://access.redhat.com/errata/RHSA-2025:12188 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:12187 https://access.redhat.com/errata/RHSA-2025:12187 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:12278 https://access.redhat.com/errata/RHSA-2025:12278 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:12302 https://access.redhat.com/errata/RHSA-2025:12302 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:12353 https://access.redhat.com/errata/RHSA-2025:12353 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:12360 https://access.redhat.com/errata/RHSA-2025:12360 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:12361 https://access.redhat.com/errata/RHSA-2025:12361 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:13646 https://access.redhat.com/errata/RHSA-2025:13646 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:13647 https://access.redhat.com/errata/RHSA-2025:13647 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:13648 https://access.redhat.com/errata/RHSA-2025:13648 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:13645 https://access.redhat.com/errata/RHSA-2025:13645 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:13650 https://access.redhat.com/errata/RHSA-2025:13650 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:13651 https://access.redhat.com/errata/RHSA-2025:13651 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:13649 https://access.redhat.com/errata/RHSA-2025:13649 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:13676 https://access.redhat.com/errata/RHSA-2025:13676 |