firefox-115.14.0-2.0.1.el7.AXS7

エラータID: AXSA:2024-8710:29

リリース日: 
2024/08/26 Monday - 16:41
題名: 
firefox-115.14.0-2.0.1.el7.AXS7
影響のあるチャネル: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance, and portability.

Security Fix(es):

* Firefox: 115.14/128.1 ESR ()
* mozilla: Fullscreen notification dialog can be obscured by document content
(CVE-2024-7518)
* mozilla: Out of bounds memory access in graphics shared memory handling
(CVE-2024-7519)
* mozilla: Type confusion in WebAssembly (CVE-2024-7520)
* mozilla: Incomplete WebAssembly exception handing (CVE-2024-7521)
* mozilla: Out of bounds read in editor component (CVE-2024-7522)
* mozilla: CSP strict-dynamic bypass using web-compatibility shims
(CVE-2024-7524)
* mozilla: Missing permission check when creating a StreamFilter
(CVE-2024-7525)
* mozilla: Uninitialized memory used by WebGL (CVE-2024-7526)
* mozilla: Use-after-free in JavaScript garbage collection (CVE-2024-7527)
* mozilla: Use-after-free in IndexedDB (CVE-2024-7528)
* mozilla: Document content could partially obscure security prompts
(CVE-2024-7529)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be
used by a malicious site to perform a spoofing attack. This vulnerability
affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
CVE-2024-7519
Insufficient checks when processing graphics shared memory could have led to
memory corruption. This could be leveraged by an attacker to perform a sandbox
escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox
ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7520
A type confusion bug in WebAssembly could be leveraged by an attacker to
potentially achieve code execution. This vulnerability affects Firefox < 129,
Firefox ESR < 128.1, and Thunderbird < 128.1.
CVE-2024-7521
Incomplete WebAssembly exception handing could have led to a use-after-free.
This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR <
128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7522
Editor code failed to check an attribute value. This could have led to an
out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR <
115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked
by Enhanced Tracking Protection. On a site protected by Content Security Policy
in "strict-dynamic" mode, an attacker able to inject an HTML element could have
used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing
the CSP strict-dynamic protection. This vulnerability affects Firefox < 129,
Firefox ESR < 115.14, and Firefox ESR < 128.1.
CVE-2024-7525
It was possible for a web extension with minimal permissions to create a
`StreamFilter` which could be used to read and modify the response body of
requests on any site. This vulnerability affects Firefox < 129, Firefox ESR <
115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7526
ANGLE failed to initialize parameters which led to reading from uninitialized
memory. This could be leveraged to leak sensitive data from memory. This
vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1,
Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7527
Unexpected marking work at the start of sweeping could have led to a
use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14,
Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7528
Incorrect garbage collection interaction in IndexedDB could have led to a
use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1,
and Thunderbird < 128.1.
CVE-2024-7529
The date picker could partially obscure security prompts. This could be used by
a malicious site to trick a user into granting permissions. This vulnerability
affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird <
128.1, and Thunderbird < 115.14.

解決策: 

Update packages.

CVE: 
CVE-2024-7518
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
CVE-2024-7519
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7520
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
CVE-2024-7521
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7522
Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
CVE-2024-7525
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7526
ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7527
Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
CVE-2024-7528
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.
CVE-2024-7529
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
追加情報: 

N/A

ダウンロード: 

Asianux Server 7 for x86_64
  1. firefox-115.14.0-2.0.1.el7.AXS7.i686.rpm
    MD5: 7d7b3f9577818f022347d7d06fbc05e8
    SHA-256: cc239fc08a29748ec5ceff4616417e7b6f1579172e77abccf72d6f4c46c1655d
    Size: 120.21 MB
  2. firefox-115.14.0-2.0.1.el7.AXS7.x86_64.rpm
    MD5: 4f323cd064d3300f9e34c1571b1b0a63
    SHA-256: 34545be7e797c5c035b0320ae4a826d59645ccf9654f953d8c74c564fc259cde
    Size: 116.50 MB