CVE-2023-3600

Опубликовано: 11 июл. 2023

Источник: redhat

CVSS3: 8.8

Описание

During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.

The Mozilla Foundation Security Advisory describes this flaw as: During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	firefox	Not affected
Red Hat Enterprise Linux 6	thunderbird	Not affected
Red Hat Enterprise Linux 7	thunderbird	Fixed	RHSA-2023:5475	05.10.2023
Red Hat Enterprise Linux 7	firefox	Fixed	RHSA-2023:5477	05.10.2023
Red Hat Enterprise Linux 8	thunderbird	Fixed	RHSA-2023:5428	04.10.2023
Red Hat Enterprise Linux 8	firefox	Fixed	RHSA-2023:5433	04.10.2023
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions	thunderbird	Fixed	RHSA-2023:5438	04.10.2023
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions	firefox	Fixed	RHSA-2023:5440	04.10.2023
Red Hat Enterprise Linux 8.2 Advanced Update Support	firefox	Fixed	RHSA-2023:5426	04.10.2023
Red Hat Enterprise Linux 8.2 Advanced Update Support	thunderbird	Fixed	RHSA-2023:5432	04.10.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=2222652firefox: use-after-free in workers

8.8 High

CVSS3

Связанные уязвимости

CVE-2023-3600

CVSS3: 8.8

ubuntu

почти 2 года назад

CVE-2023-3600

CVSS3: 8.8

nvd

почти 2 года назад

CVE-2023-3600

CVSS3: 8.8

debian

почти 2 года назад

During the worker lifecycle, a use-after-free condition could have occ ...

SUSE-SU-2023:2960-1

suse-cvrf

почти 2 года назад

Security update for MozillaFirefox

SUSE-SU-2023:2959-1

suse-cvrf

почти 2 года назад

Security update for MozillaFirefox

8.8 High

CVSS3