Описание
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
Пакеты
Пакет | Статус | Версия исправления | Релиз | Тип |
---|---|---|---|---|
firefox | fixed | 91.0-1 | package | |
firefox-esr | fixed | 78.13.0esr-1 | package | |
thunderbird | fixed | 1:78.13.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2021-33/#CVE-2021-29985
https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/#CVE-2021-29985
https://www.mozilla.org/en-US/security/advisories/mfsa2021-36/#CVE-2021-29985
EPSS
Связанные уязвимости
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.
Уязвимость метода MediaCacheStream::NotifyDataReceived почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код в целевой системе
EPSS