firefox-115.12.0-1.0.1.el7.AXS7

エラータID: AXSA:2024-8407:20

Release date: 
Thursday, June 20, 2024 - 14:39
Subject: 
firefox-115.12.0-1.0.1.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.12.0 ESR.

Security Fix(es):

* firefox: Use-after-free in networking (CVE-2024-5702)
* firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688)
* firefox: External protocol handlers leaked by timing attack (CVE-2024-5690)
* firefox: Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691)
* firefox: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693)
* firefox: Memory Corruption in Text Fragments (CVE-2024-5696)
* firefox: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-5688
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5690
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5691
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5693
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5696
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5700
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5702
Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.

Solution: 

Update packages.

CVEs: 
CVE-2024-5688
If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5690
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5691
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5693
Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5696
By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5700
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-5702
Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.
Additional Info: 

N/A

Download: 

SRPMS
  1. firefox-115.12.0-1.0.1.el7.AXS7.src.rpm
    MD5: 1bab2c62994194bb138f723a60159a89
    SHA-256: 9065d75bcbf84a980fc9003c5e91ef79db0880126288849d6c9062c348a6d337
    Size: 705.20 MB

Asianux Server 7 for x86_64
  1. firefox-115.12.0-1.0.1.el7.AXS7.i686.rpm
    MD5: 5dc41299405d776dc01bea1d5a0a2598
    SHA-256: 3776ab6b92fbd712de3d5d4feff08184e74918d49d41669f0aec182bdecdd312
    Size: 119.79 MB
  2. firefox-115.12.0-1.0.1.el7.AXS7.x86_64.rpm
    MD5: 1f9f58a1bcf96d374ec1c3eb78144470
    SHA-256: b5afef5968987133f646c7ad22a6ba57e27ee45cbc125ee22dbe67ed99678f12
    Size: 116.09 MB