Bug 2362902 (CVE-2025-2817) - CVE-2025-2817 firefox: thunderbird: Privilege escalation in Firefox Updater
Summary: CVE-2025-2817 firefox: thunderbird: Privilege escalation in Firefox Updater
Keywords:
Status: NEW
Alias: CVE-2025-2817
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-04-29 14:01 UTC by OSIDB Bzimport
Modified: 2025-05-05 11:18 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2025:4443 0 None None None 2025-05-05 01:32:56 UTC
Red Hat Product Errata RHSA-2025:4458 0 None None None 2025-05-05 10:08:43 UTC
Red Hat Product Errata RHSA-2025:4460 0 None None None 2025-05-05 11:18:55 UTC

Description OSIDB Bzimport 2025-04-29 14:01:07 UTC 
Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird ESR < 128.10.
Comment 1 errata-xmlrpc 2025-05-05 01:32:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:4443 https://access.redhat.com/errata/RHSA-2025:4443
Comment 2 errata-xmlrpc 2025-05-05 10:08:41 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:4458 https://access.redhat.com/errata/RHSA-2025:4458
Comment 3 errata-xmlrpc 2025-05-05 11:18:53 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:4460 https://access.redhat.com/errata/RHSA-2025:4460
Note You need to log in before you can comment on or make changes to this bug.