Описание
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
A flaw was found in Mozilla Firefox and Thunderbird. When parsing and validating SCTP chunks in WebRTC a memory buffer overflow could occur leading to memory corruption and an exploitable crash. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 5 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2020:2036 | 06.05.2020 |
| Red Hat Enterprise Linux 6 | thunderbird | Fixed | RHSA-2020:2049 | 11.05.2020 |
| Red Hat Enterprise Linux 6 Supplementary | chromium-browser | Fixed | RHSA-2020:2064 | 11.05.2020 |
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2020:2037 | 06.05.2020 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2020:2050 | 11.05.2020 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2020:2031 | 06.05.2020 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2020:2046 | 11.05.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | firefox | Fixed | RHSA-2020:2033 | 06.05.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
A buffer overflow could occur when parsing and validating SCTP chunks ...
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
Уязвимость механизма проверки фрагментов SCTP в WebRTC веб-браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
9.8 Critical
CVSS3