Bug 2011099 (CVE-2021-38498) - CVE-2021-38498 Mozilla: Use-after-free of nsLanguageAtomService object
Summary: CVE-2021-38498 Mozilla: Use-after-free of nsLanguageAtomService object
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-38498
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: Red Hat2009139 Red Hat2009140 Red Hat2009141 Red Hat2009142 Red Hat2009143 Red Hat2009144 Red Hat2009145 Red Hat2010723 Red Hat2010724 Red Hat2010725 Red Hat2010727 Red Hat2010728 Red Hat2010729 Red Hat2010730 Red Hat2010731 Red Hat2010732
Blocks: Embargoed2008932
TreeView+ depends on / blocked
 
Reported: 2021-10-06 00:37 UTC by Doran Moppert
Modified: 2021-11-19 08:17 UTC (History)
5 users (show)

Fixed In Version: firefox 91.2, thunderbird 91.2
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-10-11 14:08:23 UTC

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2021:3755 0 None None None 2021-10-11 08:13:46 UTC
Red Hat Product Errata RHSA-2021:3756 0 None None None 2021-10-11 08:10:35 UTC
Red Hat Product Errata RHSA-2021:3757 0 None None None 2021-10-11 08:12:32 UTC
Red Hat Product Errata RHSA-2021:3791 0 None None None 2021-10-12 14:22:49 UTC
Red Hat Product Errata RHSA-2021:3838 0 None None None 2021-10-13 09:31:17 UTC
Red Hat Product Errata RHSA-2021:3839 0 None None None 2021-10-13 09:26:48 UTC
Red Hat Product Errata RHSA-2021:3840 0 None None None 2021-10-13 09:25:54 UTC
Red Hat Product Errata RHSA-2021:3841 0 None None None 2021-10-13 09:57:33 UTC

Description Doran Moppert 2021-10-06 00:37:02 UTC 
During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash.



External Reference:

https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38498
Comment 1 errata-xmlrpc 2021-10-11 08:10:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:3756 https://access.redhat.com/errata/RHSA-2021:3756
Comment 2 errata-xmlrpc 2021-10-11 08:12:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:3757 https://access.redhat.com/errata/RHSA-2021:3757
Comment 3 errata-xmlrpc 2021-10-11 08:13:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:3755 https://access.redhat.com/errata/RHSA-2021:3755
Comment 4 Product Security DevOps Team 2021-10-11 14:08:23 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-38498
Comment 5 errata-xmlrpc 2021-10-12 14:22:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3791 https://access.redhat.com/errata/RHSA-2021:3791
Comment 6 errata-xmlrpc 2021-10-13 09:25:53 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:3840 https://access.redhat.com/errata/RHSA-2021:3840
Comment 7 errata-xmlrpc 2021-10-13 09:26:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:3839 https://access.redhat.com/errata/RHSA-2021:3839
Comment 8 errata-xmlrpc 2021-10-13 09:31:16 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:3838 https://access.redhat.com/errata/RHSA-2021:3838
Comment 9 errata-xmlrpc 2021-10-13 09:57:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3841 https://access.redhat.com/errata/RHSA-2021:3841
Note You need to log in before you can comment on or make changes to this bug.