A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2018-16/#CVE-2018-12365
Acknowledgments: Name: the Mozilla project Upstream: Alex Gaynor
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2112 https://access.redhat.com/errata/RHSA-2018:2112
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2113 https://access.redhat.com/errata/RHSA-2018:2113
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2252 https://access.redhat.com/errata/RHSA-2018:2252
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2251 https://access.redhat.com/errata/RHSA-2018:2251