1872533 – (CVE-2020-15670) CVE-2020-15670 Mozilla: Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

Bug 1872533 (CVE-2020-15670) - CVE-2020-15670 Mozilla: Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

Summary: CVE-2020-15670 Mozilla: Memory safety bugs fixed in Firefox 80 and Firefox ES...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2020-15670
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1870411
TreeView+	depends on / blocked

Reported:	2020-08-26 02:46 UTC by Doran Moppert
Modified:	2021-10-05 06:42 UTC (History)
CC List:	4 users (show)
Fixed In Version:	firefox 78.2, firefox 80, thunderbird 78.2
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-08-26 07:17:32 UTC
Embargoed:

Attachments	(Terms of Use)

Description Doran Moppert 2020-08-26 02:46:11 UTC

Mozilla developers Jason Kratzer, Christian Holler, Byron Campen, Tyson Smith reported memory safety bugs present in Firefox 79 and Firefox ESR 78.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.



External Reference:

https://www.mozilla.org/en-US/security/advisories/mfsa2020-38/#CVE-2020-15670

Comment 1 Doran Moppert 2020-08-26 02:46:15 UTC

Acknowledgments:

Name: the Mozilla project
Upstream: Mozilla developers and community

Comment 2 Product Security DevOps Team 2020-08-26 07:17:32 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-15670

Note You need to log in before you can comment on or make changes to this bug.