Bug 2245906 (CVE-2023-5730) - CVE-2023-5730 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4
Summary: CVE-2023-5730 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR 1...
Keywords:
Status: NEW
Alias: CVE-2023-5730
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2245887
TreeView+ depends on / blocked
 
Reported: 2023-10-24 14:22 UTC by Mauro Matteo Cascella
Modified: 2023-11-03 08:17 UTC (History)
0 users

Fixed In Version: firefox 115.4, thunderbird 115.4.1
Doc Type: ---
Doc Text:
The Mozilla Foundation Security Advisory describes this flaw as: Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:6162 0 None None None 2023-10-30 08:16:49 UTC
Red Hat Product Errata RHSA-2023:6185 0 None None None 2023-10-30 16:40:33 UTC
Red Hat Product Errata RHSA-2023:6186 0 None None None 2023-10-30 17:14:46 UTC
Red Hat Product Errata RHSA-2023:6187 0 None None None 2023-10-30 17:35:32 UTC
Red Hat Product Errata RHSA-2023:6188 0 None None None 2023-10-30 17:13:59 UTC
Red Hat Product Errata RHSA-2023:6189 0 None None None 2023-10-30 17:30:04 UTC
Red Hat Product Errata RHSA-2023:6191 0 None None None 2023-10-30 17:38:05 UTC
Red Hat Product Errata RHSA-2023:6193 0 None None None 2023-10-30 17:38:46 UTC
Red Hat Product Errata RHSA-2023:6194 0 None None None 2023-10-30 17:40:32 UTC
Red Hat Product Errata RHSA-2023:6195 0 None None None 2023-10-30 17:41:08 UTC
Red Hat Product Errata RHSA-2023:6196 0 None None None 2023-10-30 17:42:26 UTC
Red Hat Product Errata RHSA-2023:6197 0 None None None 2023-10-30 17:40:48 UTC
Red Hat Product Errata RHSA-2023:6198 0 None None None 2023-10-30 17:40:58 UTC
Red Hat Product Errata RHSA-2023:6199 0 None None None 2023-10-30 17:42:08 UTC

Description Mauro Matteo Cascella 2023-10-24 14:22:13 UTC 
Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5730
Comment 26 errata-xmlrpc 2023-10-30 08:16:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:6162 https://access.redhat.com/errata/RHSA-2023:6162
Comment 27 errata-xmlrpc 2023-10-30 16:40:32 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:6185 https://access.redhat.com/errata/RHSA-2023:6185
Comment 28 errata-xmlrpc 2023-10-30 17:13:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:6188 https://access.redhat.com/errata/RHSA-2023:6188
Comment 29 errata-xmlrpc 2023-10-30 17:14:45 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:6186 https://access.redhat.com/errata/RHSA-2023:6186
Comment 30 errata-xmlrpc 2023-10-30 17:30:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:6189 https://access.redhat.com/errata/RHSA-2023:6189
Comment 31 errata-xmlrpc 2023-10-30 17:35:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:6187 https://access.redhat.com/errata/RHSA-2023:6187
Comment 32 errata-xmlrpc 2023-10-30 17:38:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:6191 https://access.redhat.com/errata/RHSA-2023:6191
Comment 33 errata-xmlrpc 2023-10-30 17:38:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:6193 https://access.redhat.com/errata/RHSA-2023:6193
Comment 34 errata-xmlrpc 2023-10-30 17:40:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:6194 https://access.redhat.com/errata/RHSA-2023:6194
Comment 35 errata-xmlrpc 2023-10-30 17:40:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:6197 https://access.redhat.com/errata/RHSA-2023:6197
Comment 36 errata-xmlrpc 2023-10-30 17:40:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:6198 https://access.redhat.com/errata/RHSA-2023:6198
Comment 37 errata-xmlrpc 2023-10-30 17:41:06 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:6195 https://access.redhat.com/errata/RHSA-2023:6195
Comment 38 errata-xmlrpc 2023-10-30 17:42:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:6199 https://access.redhat.com/errata/RHSA-2023:6199
Comment 39 errata-xmlrpc 2023-10-30 17:42:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:6196 https://access.redhat.com/errata/RHSA-2023:6196
Note You need to log in before you can comment on or make changes to this bug.