Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107 and Firefox ESR 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2022-52/#CVE-2022-46878
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2022:9066 https://access.redhat.com/errata/RHSA-2022:9066
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:9065 https://access.redhat.com/errata/RHSA-2022:9065
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:9067 https://access.redhat.com/errata/RHSA-2022:9067
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2022:9068 https://access.redhat.com/errata/RHSA-2022:9068
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:9071 https://access.redhat.com/errata/RHSA-2022:9071
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:9069 https://access.redhat.com/errata/RHSA-2022:9069
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2022:9070 https://access.redhat.com/errata/RHSA-2022:9070
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:9072 https://access.redhat.com/errata/RHSA-2022:9072
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:9077 https://access.redhat.com/errata/RHSA-2022:9077
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:9075 https://access.redhat.com/errata/RHSA-2022:9075
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2022:9076 https://access.redhat.com/errata/RHSA-2022:9076
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:9080 https://access.redhat.com/errata/RHSA-2022:9080
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2022:9078 https://access.redhat.com/errata/RHSA-2022:9078
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2022:9081 https://access.redhat.com/errata/RHSA-2022:9081
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:9074 https://access.redhat.com/errata/RHSA-2022:9074
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:9079 https://access.redhat.com/errata/RHSA-2022:9079
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-46878