Mozilla developers Jason Kratzer, Christian Holler, and Bob Clary reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17024
Acknowledgments: Name: the Mozilla project Upstream: Mozilla developers
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:0086 https://access.redhat.com/errata/RHSA-2020:0086
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0085 https://access.redhat.com/errata/RHSA-2020:0085
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-17024
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0111 https://access.redhat.com/errata/RHSA-2020:0111
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:0123 https://access.redhat.com/errata/RHSA-2020:0123
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0120 https://access.redhat.com/errata/RHSA-2020:0120
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0127 https://access.redhat.com/errata/RHSA-2020:0127
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:0292 https://access.redhat.com/errata/RHSA-2020:0292
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:0295 https://access.redhat.com/errata/RHSA-2020:0295