Lucene search
RedHatRHSA-2023:5433HistoryOct 04, 2023 - 10:50 a.m.
(RHSA-2023:5433) Important: firefox security update
2023-10-0410:50:52
access.redhat.com
29
firefox
security update
version 115.3.1
cve
open-source
web browser
standards compliance
performance
portability
workers
out-of-bounds write
use-after-free
ion compiler
memory safety bugs
libvpx
heap buffer overflow
0.296 Low
EPSS
Percentile
96.9%
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.3.1 ESR.
Security Fix(es):
-
firefox: use-after-free in workers (CVE-2023-3600)
-
Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169)
-
Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171)
-
Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176)
-
libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | x86_64 | firefox | < 115.3.1-1.el8_8 | firefox-115.3.1-1.el8_8.x86_64.rpm |
| RedHat | 8 | ppc64le | firefox-debuginfo | < 115.3.1-1.el8_8 | firefox-debuginfo-115.3.1-1.el8_8.ppc64le.rpm |
| RedHat | 8 | aarch64 | firefox | < 115.3.1-1.el8_8 | firefox-115.3.1-1.el8_8.aarch64.rpm |
| RedHat | 8 | s390x | firefox | < 115.3.1-1.el8_8 | firefox-115.3.1-1.el8_8.s390x.rpm |
| RedHat | 8 | s390x | firefox-debugsource | < 115.3.1-1.el8_8 | firefox-debugsource-115.3.1-1.el8_8.s390x.rpm |
| RedHat | 8 | x86_64 | firefox-debugsource | < 115.3.1-1.el8_8 | firefox-debugsource-115.3.1-1.el8_8.x86_64.rpm |
| RedHat | 8 | ppc64le | firefox | < 115.3.1-1.el8_8 | firefox-115.3.1-1.el8_8.ppc64le.rpm |
| RedHat | 8 | ppc64le | firefox-debugsource | < 115.3.1-1.el8_8 | firefox-debugsource-115.3.1-1.el8_8.ppc64le.rpm |
| RedHat | 8 | aarch64 | firefox-debuginfo | < 115.3.1-1.el8_8 | firefox-debuginfo-115.3.1-1.el8_8.aarch64.rpm |
| RedHat | 8 | s390x | firefox-debuginfo | < 115.3.1-1.el8_8 | firefox-debuginfo-115.3.1-1.el8_8.s390x.rpm |
Related
nessus
nessus
RHEL 7 : firefox (RHSA-2023:5477)
2023-10-05 00:00:00
RHEL 8 : thunderbird (RHSA-2023:5438)
2023-10-04 00:00:00
Oracle Linux 9 : firefox (ELSA-2023-5434)
2023-10-05 00:00:00
oraclelinux
oraclelinux
firefox security update
2023-10-13 00:00:00
thunderbird security update
2023-10-13 00:00:00
thunderbird security update
2023-10-05 00:00:00
almalinux
almalinux
Important: firefox security update
2023-10-04 00:00:00
Important: thunderbird security update
2023-10-04 00:00:00
redhat
redhat
(RHSA-2023:5475) Important: thunderbird security update
2023-10-05 13:52:19
(RHSA-2023:5430) Important: thunderbird security update
2023-10-04 10:47:19
(RHSA-2023:5426) Important: firefox security update
2023-10-04 10:43:29
osv
osv
Important: thunderbird security update
2023-10-05 21:35:15
Important: thunderbird security update
2023-10-04 00:00:00
Important: thunderbird security update
2023-10-05 21:35:58
rocky
rocky
thunderbird security update
2023-10-05 21:35:58
thunderbird security update
2023-10-05 21:35:15
mageia
mageia
Updated Firefox and Thunderbird packages fix security vulnerabilities
2023-10-10 20:21:41
openvas
openvas
Debian: Security Advisory (DLA-3601-1)
2023-10-09 00:00:00
Mageia: Security Advisory (MGASA-2023-0285)
2023-10-11 00:00:00
Debian: Security Advisory (DSA-5513-1)
2023-10-04 00:00:00
debian
debian
[SECURITY] [DSA 5513-1] thunderbird security update
2023-10-03 15:53:49
[SECURITY] [DSA 5506-1] firefox-esr security update
2023-09-28 18:46:14
[SECURITY] [DSA 5509-1] firefox-esr security update
2023-09-29 17:55:10
slackware
slackware
[slackware-security] mozilla-firefox
2023-09-26 19:39:20
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.3 — Mozilla
2023-09-26 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.3 — Mozilla
2023-09-26 00:00:00
Security Vulnerabilities fixed in Firefox 118 — Mozilla
2023-09-26 00:00:00
kaspersky
kaspersky
KLA60813 Multiple vulnerabilities in Mozilla Firefox ESR
2023-09-26 00:00:00
KLA60814 Multiple vulnerabilities in Mozilla Thunderbird
2023-09-26 00:00:00
KLA60812 Multiple vulnerabilities in Mozilla Firefox
2023-09-26 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2023-10-03 00:00:00
Firefox vulnerabilities
2023-10-03 00:00:00
Firefox regressions
2023-10-11 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: firefox-118.0.1-4.fc39
2023-10-05 21:16:09
[SECURITY] Fedora 38 Update: libvpx-1.13.0-5.fc38
2023-10-01 04:55:42
[SECURITY] Fedora 39 Update: libvpx-1.13.0-5.fc39
2023-10-02 00:16:31
prion
prion
Out-of-bounds
2023-09-27 15:19:00
Memory corruption
2023-09-27 15:19:00
Design/Logic Flaw
2023-09-27 15:19:00
cvelist
cvelist
veracode
veracode
Denial Of Service (DoS)
2023-10-02 19:13:37
Denial Of Service (DoS)
2023-10-02 19:12:51
Memory Corruptions
2023-10-02 19:12:45
cnvd
cnvd
Mozilla Firefox Memory Corruption Vulnerability (CNVD-2023-74540)
2023-10-07 00:00:00
alpinelinux
alpinelinux
redhatcve
redhatcve
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
github
github
Electron affected by libvpx's heap buffer overflow in vp8 encoding
2023-09-28 18:30:45
CefSharp affected by libvpx's heap buffer overflow in vp8 encoding
2023-10-05 13:22:50
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Webmproject Libvpx
2023-10-06 10:43:38
attackerkb
attackerkb
CVE-2023-5217
2023-09-28 00:00:00
redos
redos
ROS-20231016-04
2023-10-16 00:00:00