Lucene search

UbuntuUSN-6992-1

HistorySep 05, 2024 - 12:00 a.m.

Firefox vulnerabilities

2024-09-0500:00:00

ubuntu.com

firefox

ubuntu 20.04 lts

security issues

denial of service

information theft

arbitrary code execution

cve-2024-8382

cve-2024-8383

cve-2024-8386

cve-2024-8387

cve-2024-8389

type confusion vulnerability

memory management vulnerability

arraytypes vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

Low

EPSS

0.001

Percentile

44.1%

JSON

Releases

Ubuntu 20.04 LTS

Packages

firefox - Mozilla Open Source web browser

Details

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-8382,
CVE-2024-8383, CVE-2024-8386, CVE-2024-8387, CVE-2024-8389)

Nils Bars discovered that Firefox contained a type confusion vulnerability
when performing certain property name lookups. An attacker could
potentially exploit this issue to cause a denial of service, or execute
arbitrary code. (CVE-2024-8381)

It was discovered that Firefox did not properly manage memory during
garbage collection. An attacker could potentially exploit this issue to
cause a denial of service, or execute arbitrary code. (CVE-2024-8384)

Seunghyun Lee discovered that Firefox contained a type confusion
vulnerability when handling certain ArrayTypes. An attacker could
potentially exploit this issue to cause a denial of service, or execute
arbitrary code. (CVE-2024-8385)

OSVersionArchitecturePackageVersionFilename
Ubuntu20.04noarchfirefox< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-dbg< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-dev< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-geckodriver< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-af< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-an< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-ar< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-as< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-ast< 130.0+build2-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-az< 130.0+build2-0ubuntu0.20.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	20.04	noarch	firefox	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-dbg	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-dev	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-geckodriver	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-af	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-an	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-ar	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-as	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-ast	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN
Ubuntu	20.04	noarch	firefox-locale-az	< 130.0+build2-0ubuntu0.20.04.1	UNKNOWN