Bug 2265356 (CVE-2024-1553) - CVE-2024-1553 Mozilla: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
Summary: CVE-2024-1553 Mozilla: Memory safety bugs fixed in Firefox 123, Firefox ESR 1...
Keywords:
Status: NEW
Alias: CVE-2024-1553
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2263900
TreeView+ depends on / blocked
 
Reported: 2024-02-21 16:22 UTC by Mauro Matteo Cascella
Modified: 2024-02-26 09:48 UTC (History)
6 users (show)

Fixed In Version: firefox 115.8, thunderbird 115.8
Doc Type: ---
Doc Text:
The Mozilla Foundation Security Advisory describes this flaw as: Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:0952 0 None None None 2024-02-22 16:47:40 UTC
Red Hat Product Errata RHSA-2024:0955 0 None None None 2024-02-26 00:22:52 UTC
Red Hat Product Errata RHSA-2024:0957 0 None None None 2024-02-26 01:45:20 UTC
Red Hat Product Errata RHSA-2024:0958 0 None None None 2024-02-26 01:37:55 UTC
Red Hat Product Errata RHSA-2024:0959 0 None None None 2024-02-26 01:41:04 UTC
Red Hat Product Errata RHSA-2024:0960 0 None None None 2024-02-26 02:14:30 UTC
Red Hat Product Errata RHSA-2024:0961 0 None None None 2024-02-26 02:15:14 UTC
Red Hat Product Errata RHSA-2024:0962 0 None None None 2024-02-26 02:16:55 UTC
Red Hat Product Errata RHSA-2024:0963 0 None None None 2024-02-26 02:08:17 UTC
Red Hat Product Errata RHSA-2024:0964 0 None None None 2024-02-26 02:16:01 UTC
Red Hat Product Errata RHSA-2024:0968 0 None None None 2024-02-26 02:17:33 UTC
Red Hat Product Errata RHSA-2024:0969 0 None None None 2024-02-26 02:14:53 UTC
Red Hat Product Errata RHSA-2024:0970 0 None None None 2024-02-26 02:15:52 UTC
Red Hat Product Errata RHSA-2024:0971 0 None None None 2024-02-26 02:15:17 UTC
Red Hat Product Errata RHSA-2024:0972 0 None None None 2024-02-26 02:16:26 UTC
Red Hat Product Errata RHSA-2024:0976 0 None None None 2024-02-26 04:27:54 UTC
Red Hat Product Errata RHSA-2024:0983 0 None None None 2024-02-26 09:48:07 UTC
Red Hat Product Errata RHSA-2024:0984 0 None None None 2024-02-26 09:48:19 UTC

Description Mauro Matteo Cascella 2024-02-21 16:22:03 UTC
Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1553

Comment 25 errata-xmlrpc 2024-02-22 16:47:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:0952 https://access.redhat.com/errata/RHSA-2024:0952

Comment 26 errata-xmlrpc 2024-02-26 00:22:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0955 https://access.redhat.com/errata/RHSA-2024:0955

Comment 27 errata-xmlrpc 2024-02-26 01:37:54 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2024:0958 https://access.redhat.com/errata/RHSA-2024:0958

Comment 28 errata-xmlrpc 2024-02-26 01:41:03 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2024:0959 https://access.redhat.com/errata/RHSA-2024:0959

Comment 29 errata-xmlrpc 2024-02-26 01:45:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2024:0957 https://access.redhat.com/errata/RHSA-2024:0957

Comment 30 errata-xmlrpc 2024-02-26 02:08:16 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:0963 https://access.redhat.com/errata/RHSA-2024:0963

Comment 31 errata-xmlrpc 2024-02-26 02:14:29 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:0960 https://access.redhat.com/errata/RHSA-2024:0960

Comment 32 errata-xmlrpc 2024-02-26 02:14:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:0969 https://access.redhat.com/errata/RHSA-2024:0969

Comment 33 errata-xmlrpc 2024-02-26 02:15:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:0961 https://access.redhat.com/errata/RHSA-2024:0961

Comment 34 errata-xmlrpc 2024-02-26 02:15:16 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2024:0971 https://access.redhat.com/errata/RHSA-2024:0971

Comment 35 errata-xmlrpc 2024-02-26 02:15:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:0970 https://access.redhat.com/errata/RHSA-2024:0970

Comment 36 errata-xmlrpc 2024-02-26 02:16:00 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0964 https://access.redhat.com/errata/RHSA-2024:0964

Comment 37 errata-xmlrpc 2024-02-26 02:16:25 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2024:0972 https://access.redhat.com/errata/RHSA-2024:0972

Comment 38 errata-xmlrpc 2024-02-26 02:16:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:0962 https://access.redhat.com/errata/RHSA-2024:0962

Comment 39 errata-xmlrpc 2024-02-26 02:17:32 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:0968 https://access.redhat.com/errata/RHSA-2024:0968

Comment 40 errata-xmlrpc 2024-02-26 04:27:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2024:0976 https://access.redhat.com/errata/RHSA-2024:0976

Comment 41 errata-xmlrpc 2024-02-26 09:48:05 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:0983 https://access.redhat.com/errata/RHSA-2024:0983

Comment 42 errata-xmlrpc 2024-02-26 09:48:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:0984 https://access.redhat.com/errata/RHSA-2024:0984


Note You need to log in before you can comment on or make changes to this bug.