Bug 1831761 (CVE-2020-12387) - CVE-2020-12387 Mozilla: Use-after-free during worker shutdown
Summary: CVE-2020-12387 Mozilla: Use-after-free during worker shutdown
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-12387
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1828972 1828973 1828974 1828975 1828976 1828977 1828978 1831592 1831593 1831594 1831595 1831596 1831597 1831598
Blocks: 1828970
TreeView+ depends on / blocked
 
Reported: 2020-05-05 15:14 UTC by msiddiqu
Modified: 2021-02-16 20:06 UTC (History)
5 users (show)

Fixed In Version: firefox 68.8, thunderbird 68.8.0
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Mozilla Firefox and Thunderbird. When running shutdown code for Web Worker, a race condition occurs leading to a use-after-free memory flaw that could lead to an exploitable crash. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Clone Of:
Environment:
Last Closed: 2020-05-06 10:31:56 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:2031 0 None None None 2020-05-06 08:43:49 UTC
Red Hat Product Errata RHSA-2020:2032 0 None None None 2020-05-06 08:27:08 UTC
Red Hat Product Errata RHSA-2020:2033 0 None None None 2020-05-06 08:10:53 UTC
Red Hat Product Errata RHSA-2020:2036 0 None None None 2020-05-06 10:45:24 UTC
Red Hat Product Errata RHSA-2020:2037 0 None None None 2020-05-06 10:42:12 UTC
Red Hat Product Errata RHSA-2020:2046 0 None None None 2020-05-11 09:25:18 UTC
Red Hat Product Errata RHSA-2020:2047 0 None None None 2020-05-11 09:05:45 UTC
Red Hat Product Errata RHSA-2020:2048 0 None None None 2020-05-11 08:54:42 UTC
Red Hat Product Errata RHSA-2020:2049 0 None None None 2020-05-11 09:34:35 UTC
Red Hat Product Errata RHSA-2020:2050 0 None None None 2020-05-11 09:51:06 UTC

Description msiddiqu 2020-05-05 15:14:10 UTC
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash.



External Reference:

https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12387

Comment 1 msiddiqu 2020-05-05 15:14:15 UTC
Acknowledgments:

Name: the Mozilla project
Upstream: Looben Yang

Comment 2 errata-xmlrpc 2020-05-06 08:10:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:2033 https://access.redhat.com/errata/RHSA-2020:2033

Comment 3 errata-xmlrpc 2020-05-06 08:26:30 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2020:2032 https://access.redhat.com/errata/RHSA-2020:2032

Comment 4 errata-xmlrpc 2020-05-06 08:43:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:2031 https://access.redhat.com/errata/RHSA-2020:2031

Comment 5 Product Security DevOps Team 2020-05-06 10:31:56 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-12387

Comment 6 errata-xmlrpc 2020-05-06 10:42:10 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:2037 https://access.redhat.com/errata/RHSA-2020:2037

Comment 7 errata-xmlrpc 2020-05-06 10:45:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2020:2036 https://access.redhat.com/errata/RHSA-2020:2036

Comment 9 errata-xmlrpc 2020-05-11 08:54:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:2048 https://access.redhat.com/errata/RHSA-2020:2048

Comment 10 errata-xmlrpc 2020-05-11 09:05:43 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2020:2047 https://access.redhat.com/errata/RHSA-2020:2047

Comment 11 errata-xmlrpc 2020-05-11 09:25:17 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:2046 https://access.redhat.com/errata/RHSA-2020:2046

Comment 12 errata-xmlrpc 2020-05-11 09:34:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2020:2049 https://access.redhat.com/errata/RHSA-2020:2049

Comment 13 errata-xmlrpc 2020-05-11 09:51:05 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:2050 https://access.redhat.com/errata/RHSA-2020:2050


Note You need to log in before you can comment on or make changes to this bug.