Bug 2403774 (CVE-2025-11715)
| Summary: | CVE-2025-11715 thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | gotiwari, jgrulich, jhorak, mvyas, tpopela |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue:
Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-10-14 13:02:33 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:18154 https://access.redhat.com/errata/RHSA-2025:18154 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:18155 https://access.redhat.com/errata/RHSA-2025:18155 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:18285 https://access.redhat.com/errata/RHSA-2025:18285 This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2025:18320 https://access.redhat.com/errata/RHSA-2025:18320 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2025:18321 https://access.redhat.com/errata/RHSA-2025:18321 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:18983 https://access.redhat.com/errata/RHSA-2025:18983 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:19278 https://access.redhat.com/errata/RHSA-2025:19278 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:19939 https://access.redhat.com/errata/RHSA-2025:19939 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:19941 https://access.redhat.com/errata/RHSA-2025:19941 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:19942 https://access.redhat.com/errata/RHSA-2025:19942 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:19945 https://access.redhat.com/errata/RHSA-2025:19945 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:19943 https://access.redhat.com/errata/RHSA-2025:19943 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:19938 https://access.redhat.com/errata/RHSA-2025:19938 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:19944 https://access.redhat.com/errata/RHSA-2025:19944 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:21054 https://access.redhat.com/errata/RHSA-2025:21054 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2025:21055 https://access.redhat.com/errata/RHSA-2025:21055 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:21056 https://access.redhat.com/errata/RHSA-2025:21056 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:21058 https://access.redhat.com/errata/RHSA-2025:21058 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2025:21057 https://access.redhat.com/errata/RHSA-2025:21057 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:21059 https://access.redhat.com/errata/RHSA-2025:21059 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2025:21064 https://access.redhat.com/errata/RHSA-2025:21064 |