CVE-2023-25751
CVE-2023-25751 affects Firefox and Thunderbird: root cause is incorrect code generation during JIT code invalidation when following an iterator, which could lead to a potentially exploitable crash. Affected: Firefox <=111 and Firefox ESR <=102.8/9, Thunderbird
Updated firefox packages fix security vulnerability
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash CVE-2023-25751. When accessing throttled streams, the count of available bytes needed to be checked in the calling...
MGASA-2023-0111 Updated firefox packages fix security vulnerability
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash CVE-2023-25751. When accessing throttled streams, the count of available bytes needed to be checked in the calling...
Mozilla: Incorrect code generation during JIT compilation
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2023:0835-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0835-1 advisory. - By displaying a prompt with a long description, the fullscreen notification could have been...
CVE-2023-25751
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash...
CVE-2023-25751
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...
UBUNTU-CVE-2023-25751
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5954-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5954-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...
Mozilla Thunderbird < 102.9
The version of Thunderbird installed on the remote Windows host is prior to 102.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-11 advisory. - Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs...
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-073-01)
The version of mozilla-firefox installed on the remote host is prior to 102.9.0esr / 111.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-073-01 advisory. - Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be...
Mozilla: Incorrect AliasSet used in JIT Codegen
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability, this could have been used for an out-of-bounds memory read...
Null pointer dereference
An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer dereference exists in JIT code. It allows an attacker to cause Denial of Service...
Heap overflow
An issue was discovered in libxsmm through v1.16.1-93. The JIT code has a heap-based buffer overflow...
CVE-2021-39536
CVE-2021-39536: A heap-based buffer overflow in libxsmm’s JIT code affects libxsmm up to v1.16.1-93. The NVD entry confirms a heap-based overflow with CVSS details (high impact on confidentiality, integrity, availability per the 3.1 score). Connected advisories (TencentOS Server 4 and Tencent Lin...
CVE-2021-39535
An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer dereference exists in JIT code. It allows an attacker to cause Denial of Service...
SUSE: Security Advisory (SUSE-SU-2017:0426-1)
The remote host is missing an update for the...
CVE-2019-2208
CVE-2019-2208 affects Android components (Android 8.1 and 9) with a flaw in V8 JIT code during PromiseBuiltinsAssembler::NewPromiseCapability, causing an out-of-bounds read. This can lead to remote information disclosure without user interaction or privileges. The connected records confirm the is...
Mozilla Firefox ESR < 31.5.2 JIT Code Execution
JSC Exploits
Posted by Samuel Groß, Project Zero. In this post, we will take a look at the WebKit exploits used to gain an initial foothold onto the iOS device and stage the privilege escalation exploits. All exploits here achieve shellcode execution inside the sandboxed renderer process WebContent on iOS...