Bug 2111907 (CVE-2022-36319) - CVE-2022-36319 Mozilla: Mouse Position spoofing with CSS transforms
Summary: CVE-2022-36319 Mozilla: Mouse Position spoofing with CSS transforms
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-36319
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2108092 2108093 2108094 2108095 2108096 2108097 2108098 2108099 2108100 2108101 2108111 2108112 2108113 2108114 2108115 2108116 2108118 2108119 2108120 2108123
Blocks: 2108090
TreeView+ depends on / blocked
 
Reported: 2022-07-28 12:42 UTC by Mauro Matteo Cascella
Modified: 2022-08-30 23:55 UTC (History)
5 users (show)

Fixed In Version: firefox 91.12, firefox 102.1, thunderbird 91.12, thunderbird 102.1
Doc Type: ---
Doc Text:
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed.
Clone Of:
Environment:
Last Closed: 2022-08-30 23:55:53 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:5765 0 None None None 2022-08-01 08:53:52 UTC
Red Hat Product Errata RHSA-2022:5766 0 None None None 2022-08-01 08:14:39 UTC
Red Hat Product Errata RHSA-2022:5767 0 None None None 2022-08-01 09:16:08 UTC
Red Hat Product Errata RHSA-2022:5769 0 None None None 2022-08-01 10:17:29 UTC
Red Hat Product Errata RHSA-2022:5770 0 None None None 2022-08-01 09:22:49 UTC
Red Hat Product Errata RHSA-2022:5771 0 None None None 2022-08-01 09:36:39 UTC
Red Hat Product Errata RHSA-2022:5772 0 None None None 2022-08-01 10:30:52 UTC
Red Hat Product Errata RHSA-2022:5773 0 None None None 2022-08-01 11:58:47 UTC
Red Hat Product Errata RHSA-2022:5774 0 None None None 2022-08-01 11:40:53 UTC
Red Hat Product Errata RHSA-2022:5776 0 None None None 2022-08-01 14:17:54 UTC
Red Hat Product Errata RHSA-2022:5777 0 None None None 2022-08-01 11:51:49 UTC
Red Hat Product Errata RHSA-2022:5778 0 None None None 2022-08-01 10:46:56 UTC

Description Mauro Matteo Cascella 2022-07-28 12:42:14 UTC
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed.

External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-30/#CVE-2022-36319

Comment 1 errata-xmlrpc 2022-08-01 08:14:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:5766 https://access.redhat.com/errata/RHSA-2022:5766

Comment 2 errata-xmlrpc 2022-08-01 08:53:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:5765 https://access.redhat.com/errata/RHSA-2022:5765

Comment 3 errata-xmlrpc 2022-08-01 09:16:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:5767 https://access.redhat.com/errata/RHSA-2022:5767

Comment 4 errata-xmlrpc 2022-08-01 09:22:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:5770 https://access.redhat.com/errata/RHSA-2022:5770

Comment 5 errata-xmlrpc 2022-08-01 09:36:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:5771 https://access.redhat.com/errata/RHSA-2022:5771

Comment 6 errata-xmlrpc 2022-08-01 10:17:26 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:5769 https://access.redhat.com/errata/RHSA-2022:5769

Comment 7 errata-xmlrpc 2022-08-01 10:30:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:5772 https://access.redhat.com/errata/RHSA-2022:5772

Comment 8 errata-xmlrpc 2022-08-01 10:46:54 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:5778 https://access.redhat.com/errata/RHSA-2022:5778

Comment 9 errata-xmlrpc 2022-08-01 11:40:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:5774 https://access.redhat.com/errata/RHSA-2022:5774

Comment 10 errata-xmlrpc 2022-08-01 11:51:47 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:5777 https://access.redhat.com/errata/RHSA-2022:5777

Comment 11 errata-xmlrpc 2022-08-01 11:58:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:5773 https://access.redhat.com/errata/RHSA-2022:5773

Comment 12 errata-xmlrpc 2022-08-01 14:17:52 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:5776 https://access.redhat.com/errata/RHSA-2022:5776

Comment 13 Product Security DevOps Team 2022-08-30 23:55:51 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-36319


Note You need to log in before you can comment on or make changes to this bug.