Bug 2460078 (CVE-2026-6752)

Summary: CVE-2026-6752 firefox: thunderbird: Incorrect boundary conditions in the WebRTC component
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: gotiwari, jgrulich, jhorak, mvyas, rhel-process-autobot, tpopela, watson-tool-maintainers
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the WebRTC component
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-04-21 14:01:39 UTC 
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, and Firefox ESR 140.10.
Comment 1 errata-xmlrpc 2026-04-27 10:43:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:10757 https://access.redhat.com/errata/RHSA-2026:10757
Comment 2 errata-xmlrpc 2026-04-27 12:16:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:10767 https://access.redhat.com/errata/RHSA-2026:10767
Comment 3 errata-xmlrpc 2026-04-27 12:28:51 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:10766 https://access.redhat.com/errata/RHSA-2026:10766
Comment 4 errata-xmlrpc 2026-04-30 13:50:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:12285 https://access.redhat.com/errata/RHSA-2026:12285
Comment 5 errata-xmlrpc 2026-05-04 16:48:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:13537 https://access.redhat.com/errata/RHSA-2026:13537
Comment 6 errata-xmlrpc 2026-05-11 02:04:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:15892 https://access.redhat.com/errata/RHSA-2026:15892
Comment 7 errata-xmlrpc 2026-05-14 08:24:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:17477 https://access.redhat.com/errata/RHSA-2026:17477
Comment 8 errata-xmlrpc 2026-05-14 19:43:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:17690 https://access.redhat.com/errata/RHSA-2026:17690
Comment 9 errata-xmlrpc 2026-05-14 19:48:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:17687 https://access.redhat.com/errata/RHSA-2026:17687
Comment 10 errata-xmlrpc 2026-05-14 19:53:16 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:17689 https://access.redhat.com/errata/RHSA-2026:17689
Comment 11 errata-xmlrpc 2026-05-14 20:14:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:17688 https://access.redhat.com/errata/RHSA-2026:17688
Comment 12 errata-xmlrpc 2026-05-19 13:05:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:19041 https://access.redhat.com/errata/RHSA-2026:19041
Comment 13 errata-xmlrpc 2026-05-19 16:05:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:19131 https://access.redhat.com/errata/RHSA-2026:19131
Comment 14 errata-xmlrpc 2026-05-19 18:01:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:19201 https://access.redhat.com/errata/RHSA-2026:19201
Comment 15 errata-xmlrpc 2026-05-19 21:37:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:19348 https://access.redhat.com/errata/RHSA-2026:19348
Comment 16 errata-xmlrpc 2026-05-20 02:00:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:19461 https://access.redhat.com/errata/RHSA-2026:19461
Comment 17 errata-xmlrpc 2026-05-20 02:08:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:19465 https://access.redhat.com/errata/RHSA-2026:19465
Comment 18 errata-xmlrpc 2026-05-20 02:18:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:19463 https://access.redhat.com/errata/RHSA-2026:19463
Comment 19 errata-xmlrpc 2026-05-20 02:51:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:19468 https://access.redhat.com/errata/RHSA-2026:19468
Comment 20 errata-xmlrpc 2026-05-20 02:53:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:19467 https://access.redhat.com/errata/RHSA-2026:19467
Comment 21 errata-xmlrpc 2026-05-20 02:59:06 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:19469 https://access.redhat.com/errata/RHSA-2026:19469
Comment 22 errata-xmlrpc 2026-05-20 03:01:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:19464 https://access.redhat.com/errata/RHSA-2026:19464
Comment 23 errata-xmlrpc 2026-05-20 03:03:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:19466 https://access.redhat.com/errata/RHSA-2026:19466
Comment 24 errata-xmlrpc 2026-05-20 03:05:39 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:19462 https://access.redhat.com/errata/RHSA-2026:19462
Comment 25 errata-xmlrpc 2026-05-20 07:32:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:19542 https://access.redhat.com/errata/RHSA-2026:19542
Comment 26 errata-xmlrpc 2026-05-20 13:02:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:19655 https://access.redhat.com/errata/RHSA-2026:19655
Comment 27 errata-xmlrpc 2026-05-20 14:17:12 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2026:19704 https://access.redhat.com/errata/RHSA-2026:19704