Bug 2463481 (CVE-2026-7323) - CVE-2026-7323 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1
Summary: CVE-2026-7323 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 1...
Keywords:
Status: NEW
Alias: CVE-2026-7323
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-04-28 15:01 UTC by OSIDB Bzimport
Modified: 2026-06-10 09:04 UTC (History)
7 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2026:19153 0 None None None 2026-05-19 16:10:01 UTC
Red Hat Product Errata RHSA-2026:19157 0 None None None 2026-05-19 16:10:16 UTC
Red Hat Product Errata RHSA-2026:19348 0 None None None 2026-05-19 21:38:18 UTC
Red Hat Product Errata RHSA-2026:19370 0 None None None 2026-05-19 21:41:37 UTC
Red Hat Product Errata RHSA-2026:19588 0 None None None 2026-05-20 11:27:54 UTC
Red Hat Product Errata RHSA-2026:20586 0 None None None 2026-05-26 04:52:36 UTC
Red Hat Product Errata RHSA-2026:21743 0 None None None 2026-05-28 12:30:36 UTC
Red Hat Product Errata RHSA-2026:22324 0 None None None 2026-06-01 15:29:52 UTC
Red Hat Product Errata RHSA-2026:22408 0 None None None 2026-06-02 06:51:11 UTC
Red Hat Product Errata RHSA-2026:22409 0 None None None 2026-06-02 06:54:28 UTC
Red Hat Product Errata RHSA-2026:22410 0 None None None 2026-06-02 06:49:04 UTC
Red Hat Product Errata RHSA-2026:22708 0 None None None 2026-06-03 05:50:25 UTC
Red Hat Product Errata RHSA-2026:22712 0 None None None 2026-06-03 07:48:51 UTC
Red Hat Product Errata RHSA-2026:22847 0 None None None 2026-06-03 13:47:29 UTC
Red Hat Product Errata RHSA-2026:24345 0 None None None 2026-06-08 02:54:38 UTC
Red Hat Product Errata RHSA-2026:24717 0 None None None 2026-06-09 06:48:57 UTC
Red Hat Product Errata RHSA-2026:24718 0 None None None 2026-06-09 06:44:19 UTC
Red Hat Product Errata RHSA-2026:24719 0 None None None 2026-06-09 06:45:04 UTC
Red Hat Product Errata RHSA-2026:24721 0 None None None 2026-06-09 08:04:56 UTC
Red Hat Product Errata RHSA-2026:24844 0 None None None 2026-06-09 15:05:06 UTC
Red Hat Product Errata RHSA-2026:24846 0 None None None 2026-06-09 15:08:24 UTC
Red Hat Product Errata RHSA-2026:25014 0 None None None 2026-06-10 09:04:02 UTC

Description OSIDB Bzimport 2026-04-28 15:01:29 UTC 
Memory safety bugs present in Firefox ESR 140.10.0, Thunderbird ESR 140.10.0, Firefox 150.0.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1 and Firefox ESR 140.10.1.
Comment 1 errata-xmlrpc 2026-05-19 16:10:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:19153 https://access.redhat.com/errata/RHSA-2026:19153
Comment 2 errata-xmlrpc 2026-05-19 16:10:15 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:19157 https://access.redhat.com/errata/RHSA-2026:19157
Comment 3 errata-xmlrpc 2026-05-19 21:38:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:19348 https://access.redhat.com/errata/RHSA-2026:19348
Comment 4 errata-xmlrpc 2026-05-19 21:41:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:19370 https://access.redhat.com/errata/RHSA-2026:19370
Comment 5 errata-xmlrpc 2026-05-20 11:27:53 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:19588 https://access.redhat.com/errata/RHSA-2026:19588
Comment 6 errata-xmlrpc 2026-05-26 04:52:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:20586 https://access.redhat.com/errata/RHSA-2026:20586
Comment 7 errata-xmlrpc 2026-05-28 12:30:34 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:21743 https://access.redhat.com/errata/RHSA-2026:21743
Comment 8 errata-xmlrpc 2026-06-01 15:29:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions

Via RHSA-2026:22324 https://access.redhat.com/errata/RHSA-2026:22324
Comment 9 errata-xmlrpc 2026-06-02 06:49:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:22410 https://access.redhat.com/errata/RHSA-2026:22410
Comment 10 errata-xmlrpc 2026-06-02 06:51:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:22408 https://access.redhat.com/errata/RHSA-2026:22408
Comment 11 errata-xmlrpc 2026-06-02 06:54:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:22409 https://access.redhat.com/errata/RHSA-2026:22409
Comment 12 errata-xmlrpc 2026-06-03 05:50:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2026:22708 https://access.redhat.com/errata/RHSA-2026:22708
Comment 13 errata-xmlrpc 2026-06-03 07:48:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:22712 https://access.redhat.com/errata/RHSA-2026:22712
Comment 14 errata-xmlrpc 2026-06-03 13:47:28 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:22847 https://access.redhat.com/errata/RHSA-2026:22847
Comment 15 errata-xmlrpc 2026-06-08 02:54:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On

Via RHSA-2026:24345 https://access.redhat.com/errata/RHSA-2026:24345
Comment 16 errata-xmlrpc 2026-06-09 06:44:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:24718 https://access.redhat.com/errata/RHSA-2026:24718
Comment 17 errata-xmlrpc 2026-06-09 06:45:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:24719 https://access.redhat.com/errata/RHSA-2026:24719
Comment 18 errata-xmlrpc 2026-06-09 06:48:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:24717 https://access.redhat.com/errata/RHSA-2026:24717
Comment 19 errata-xmlrpc 2026-06-09 08:04:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:24721 https://access.redhat.com/errata/RHSA-2026:24721
Comment 20 errata-xmlrpc 2026-06-09 15:05:05 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:24844 https://access.redhat.com/errata/RHSA-2026:24844
Comment 21 errata-xmlrpc 2026-06-09 15:08:23 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions

Via RHSA-2026:24846 https://access.redhat.com/errata/RHSA-2026:24846
Comment 22 errata-xmlrpc 2026-06-10 09:04:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On

Via RHSA-2026:25014 https://access.redhat.com/errata/RHSA-2026:25014
Note You need to log in before you can comment on or make changes to this bug.