A data race could occur in the `PK11_ChangePW` function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2022-34/#CVE-2022-38476
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6165 https://access.redhat.com/errata/RHSA-2022:6165
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:6166 https://access.redhat.com/errata/RHSA-2022:6166
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:6168 https://access.redhat.com/errata/RHSA-2022:6168
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:6167 https://access.redhat.com/errata/RHSA-2022:6167
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:6176 https://access.redhat.com/errata/RHSA-2022:6176
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:6178 https://access.redhat.com/errata/RHSA-2022:6178
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6174 https://access.redhat.com/errata/RHSA-2022:6174
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6164 https://access.redhat.com/errata/RHSA-2022:6164
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6175 https://access.redhat.com/errata/RHSA-2022:6175
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:6177 https://access.redhat.com/errata/RHSA-2022:6177
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:6169 https://access.redhat.com/errata/RHSA-2022:6169
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:6179 https://access.redhat.com/errata/RHSA-2022:6179
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-38476