Lucene search

UbuntuUSN-6710-2

HistoryApr 04, 2024 - 12:00 a.m.

Firefox regressions

2024-04-0400:00:00

ubuntu.com

firefox

regressions

ubuntu 20.04

vulnerabilities

bounds checking

out-of-bounds write

denial of service

arbitrary code

messagemanager

privileged object

security fix

8.2 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.1%

JSON

Releases

Ubuntu 20.04 LTS

Packages

firefox - Mozilla Open Source web browser

Details

USN-6710-1 fixed vulnerabilities in Firefox. The update introduced
several minor regressions. This update fixes the problem.

Original advisory details:

Manfred Paul discovered that Firefox did not properly perform bounds
checking during range analysis, leading to an out-of-bounds write
vulnerability. A attacker could use this to cause a denial of service,
or execute arbitrary code. (CVE-2024-29943)

Manfred Paul discovered that Firefox incorrectly handled MessageManager
listeners under certain circumstances. An attacker who was able to inject
an event handler into a privileged object may have been able to execute
arbitrary code. (CVE-2024-29944)

OSVersionArchitecturePackageVersionFilename
Ubuntu20.04noarchfirefox< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-dbg< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-dev< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-geckodriver< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-af< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-an< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-ar< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-as< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-ast< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-az< 124.0.2+build1-0ubuntu0.20.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	20.04	noarch	firefox	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-dbg	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-dev	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-geckodriver	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-af	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-an	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-ar	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-as	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-ast	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-az	< 124.0.2+build1-0ubuntu0.20.04.1	UNKNOWN

Rows per page:

1-10 of 991

References

launchpad.net/bugs/2060171