Bug 2395759 (CVE-2025-10537)
| Summary: | CVE-2025-10537 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | gotiwari, jgrulich, jhorak, michael.h.hall-1, mvyas, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:
Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-09-16 13:02:22 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:16109 https://access.redhat.com/errata/RHSA-2025:16109 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:16108 https://access.redhat.com/errata/RHSA-2025:16108 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:16156 https://access.redhat.com/errata/RHSA-2025:16156 This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:16157 https://access.redhat.com/errata/RHSA-2025:16157 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:16260 https://access.redhat.com/errata/RHSA-2025:16260 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:16589 https://access.redhat.com/errata/RHSA-2025:16589 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:17341 https://access.redhat.com/errata/RHSA-2025:17341 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:17340 https://access.redhat.com/errata/RHSA-2025:17340 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:17342 https://access.redhat.com/errata/RHSA-2025:17342 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:17344 https://access.redhat.com/errata/RHSA-2025:17344 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:17343 https://access.redhat.com/errata/RHSA-2025:17343 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:17345 https://access.redhat.com/errata/RHSA-2025:17345 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:17346 https://access.redhat.com/errata/RHSA-2025:17346 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:17368 https://access.redhat.com/errata/RHSA-2025:17368 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:17367 https://access.redhat.com/errata/RHSA-2025:17367 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:17372 https://access.redhat.com/errata/RHSA-2025:17372 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:17371 https://access.redhat.com/errata/RHSA-2025:17371 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:17373 https://access.redhat.com/errata/RHSA-2025:17373 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:17374 https://access.redhat.com/errata/RHSA-2025:17374 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:17378 https://access.redhat.com/errata/RHSA-2025:17378 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:17453 https://access.redhat.com/errata/RHSA-2025:17453 |