Bug 2157739 (CVE-2022-3266) - CVE-2022-3266 Mozilla: Out of bounds read when decoding H264
Summary: CVE-2022-3266 Mozilla: Out of bounds read when decoding H264
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-3266
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2125993 2125994 2125995 2125996 2125997 2125998 2125999 2126000 2126001 2126002 2126003 2126004 2126012 2126013 2126014 2126015 2126016 2126017 2126018 2126019 2126020 2126021 2126022 2126023
Blocks: 2125991
Reported: 2023-01-02 16:15 UTC by Mauro Matteo Cascella
Modified: 2023-01-04 20:31 UTC (History)

Fixed In Version: firefox 102.3, thunderbird 102.3
Doc Type: ---
Doc Text:
The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash.
Clone Of:
Environment:
Last Closed: 2023-01-04 20:31:38 UTC
Embargoed:


Description Mauro Matteo Cascella 2023-01-02 16:15:46 UTC
An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash.

External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-41/#CVE-2022-3266
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/#CVE-2022-3266

Comment 1 Mauro Matteo Cascella 2023-01-03 09:47:39 UTC
Mozilla upstream states that this issue was fixed in Firefox/Thunderbird version 102.3. The firefox/thunderbird packages as shipped in the following Red Hat products were previously updated to a version that contains the fix via the following errata:

firefox in Red Hat Enterprise Linux 7
https://access.redhat.com/errata/RHSA-2022:6711

firefox in Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
https://access.redhat.com/errata/RHSA-2022:6703

firefox in Red Hat Enterprise Linux 8.2 Extended Update Support
https://access.redhat.com/errata/RHSA-2022:6707

firefox in Red Hat Enterprise Linux 8.4 Extended Update Support
https://access.redhat.com/errata/RHSA-2022:6701

firefox in Red Hat Enterprise Linux 8
https://access.redhat.com/errata/RHSA-2022:6702

thunderbird in Red Hat Enterprise Linux 7
https://access.redhat.com/errata/RHSA-2022:6710

thunderbird in Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
https://access.redhat.com/errata/RHSA-2022:6716

thunderbird in Red Hat Enterprise Linux 8.2 Extended Update Support
https://access.redhat.com/errata/RHSA-2022:6715

thunderbird in Red Hat Enterprise Linux 8.4 Extended Update Support
https://access.redhat.com/errata/RHSA-2022:6713

thunderbird in Red Hat Enterprise Linux 8
https://access.redhat.com/errata/RHSA-2022:6708

Comment 2 Product Security DevOps Team 2023-01-04 20:31:36 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-3266
