{
  "schema_version": "1.7.0",
  "id": "MGASA-2026-0124",
  "published": "2026-05-09T16:24:29Z",
  "modified": "2026-05-09T15:37:42Z",
  "summary": "Updated rootcerts, nss & firefox packages fix security vulnerabilities",
  "details": "Use-after-free in the DOM: Core & HTML component. (CVE-2026-6746)\nUse-after-free in the WebRTC component. (CVE-2026-6747)\nUninitialized memory in the Audio/Video: Web Codecs component.\n(CVE-2026-6748)\nInformation disclosure due to uninitialized memory in the Graphics:\nCanvas2D component. (CVE-2026-6749)\nPrivilege escalation in the Graphics: WebRender component.\n(CVE-2026-6750)\nUninitialized memory in the Audio/Video: Web Codecs component.\n(CVE-2026-6751)\nIncorrect boundary conditions in the WebRTC component. (CVE-2026-6752)\nIncorrect boundary conditions in the WebRTC component. (CVE-2026-6753)\nUse-after-free in the JavaScript Engine component. (CVE-2026-6754)\nInvalid pointer in the JavaScript: WebAssembly component.\n(CVE-2026-6757)\nUse-after-free in the Widget: Cocoa component. (CVE-2026-6759)\nPrivilege escalation in the Networking component. (CVE-2026-6761)\nSpoofing issue in the DOM: Core & HTML component. (CVE-2026-6762)\nMitigation bypass in the File Handling component. (CVE-2026-6763)\nIncorrect boundary conditions in the DOM: Device Interfaces component.\n(CVE-2026-6764)\nInformation disclosure in the Form Autofill component. (CVE-2026-6765)\nIncorrect boundary conditions in the Libraries component in NSS.\n(CVE-2026-6766)\nOther issue in the Libraries component in NSS. (CVE-2026-6767)\nPrivilege escalation in the Debugger component. (CVE-2026-6769)\nOther issue in the Storage: IndexedDB component. (CVE-2026-6770)\nMitigation bypass in the DOM: Security component. (CVE-2026-6771)\nIncorrect boundary conditions in the Libraries component in NSS.\n(CVE-2026-6772)\nIncorrect boundary conditions in the WebRTC: Networking component.\n(CVE-2026-6776)\nMemory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10,\nThunderbird ESR 140.10, Firefox 150 and Thunderbird 150. (CVE-2026-6785)\nMemory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10,\nFirefox 150 and Thunderbird 150. (CVE-2026-6786)\nInformation disclosure due to incorrect boundary conditions in the\nAudio/Video component. (CVE-2026-7320)\nSandbox escape due to incorrect boundary conditions in the WebRTC:\nNetworking component. (CVE-2026-7321)\nMemory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1\nand Firefox 150.0.1. (CVE-2026-7322)\nMemory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1.\n(CVE-2026-7323)\n",
  "upstream": [
    "CVE-2026-6746",
    "CVE-2026-6747",
    "CVE-2026-6748",
    "CVE-2026-6749",
    "CVE-2026-6750",
    "CVE-2026-6751",
    "CVE-2026-6752",
    "CVE-2026-6753",
    "CVE-2026-6754",
    "CVE-2026-6757",
    "CVE-2026-6759",
    "CVE-2026-6761",
    "CVE-2026-6762",
    "CVE-2026-6763",
    "CVE-2026-6764",
    "CVE-2026-6765",
    "CVE-2026-6766"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2026-0124.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=35403"
    },
    {
      "type": "WEB",
      "url": "https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_123.html"
    },
    {
      "type": "WEB",
      "url": "https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_123_1.html"
    },
    {
      "type": "WEB",
      "url": "https://www.firefox.com/en-US/firefox/140.10.0/releasenotes/"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/"
    },
    {
      "type": "WEB",
      "url": "https://www.firefox.com/en-US/firefox/140.10.1/releasenotes/"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-36/"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "rootcerts",
        "purl": "pkg:rpm/mageia/rootcerts?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "20260412.00-1.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "nss",
        "purl": "pkg:rpm/mageia/nss?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.123.1-1.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "firefox",
        "purl": "pkg:rpm/mageia/firefox?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.10.1-1.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "firefox-l10n",
        "purl": "pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.10.1-1.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}