Updated firefox packages fix security vulnerability
Publication date: 24 Mar 2023Modification date: 24 Mar 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-25751 , CVE-2023-25752 , CVE-2023-28162 , CVE-2023-28164 , CVE-2023-28176
Description
Sometimes, when invalidating JIT code while following an iterator, the newly
generated code could be overwritten incorrectly. This could lead to a
potentially exploitable crash (CVE-2023-25751).
When accessing throttled streams, the count of available bytes needed to be
checked in the calling function to be within bounds. This may have lead
future code to be incorrect and vulnerable (CVE-2023-25752).
While implementing on AudioWorklets, some code may have casted one type to
another, invalid, dynamic type. This could have lead to a potentially
exploitable crash (CVE-2023-28162).
Dragging a URL from a cross-origin iframe that was removed during the drag
could have lead to user confusion and website spoofing attacks
(CVE-2023-28164).
Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing
Team reported memory safety bugs present in Firefox ESR 102.8. Some of these
bugs showed evidence of memory corruption and we presume that with enough
effort some of these could have been exploited to run arbitrary code
(CVE-2023-28176).
References
- https://bugs.mageia.org/show_bug.cgi?id=31663
- https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/HcRrYgEdGIo
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_89.html
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176
SRPMS
8/core
- firefox-102.9.0-1.mga8
- firefox-l10n-102.9.0-1.mga8
- nss-3.89.0-1.mga8