[SUSE-SU-2024:1002-1] Security update for MozillaFirefox
Severity
Critical
Affected Packages
56
CVEs
19
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 (bsc#1221850).
- CVE-2024-29944: Privileged JavaScript Execution via Event Handlers (bmo#1886852).
Firefox Extended Support Release 115.9.0 ESR (bsc#1221327):
- CVE-2024-0743: Crash in NSS TLS method (bmo#1867408).
- CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector (bmo#1872920).
- CVE-2024-2607: JIT code failed to save return registers on Armv7-A (bmo#1879939).
- CVE-2024-2608: Integer overflow could have led to out of bounds write (bmo#1880692).
- CVE-2024-2616: Improve handling of out-of-memory conditions in ICU (bmo#1846197).
- CVE-2023-5388: NSS susceptible to timing attack against RSA decryption (bmo#1780432).
- CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage (bmo#1871112).
- CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions (bmo#1876675).
- CVE-2024-2612: Self referencing object could have potentially led to a use- after-free (bmo#1879444).
- CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093).
- ID
- SUSE-SU-2024:1002-1
- Severity
- critical
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20241002-1/
- Published
-
2024-03-27T02:04:51
(5 months ago) - Modified
-
2024-03-27T02:04:51
(5 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2024-1907
- ALAS2-2024-2419
- ALAS2-2024-2477
- ALAS2-2024-2505
- ALPINE:CVE-2023-5388
- ALPINE:CVE-2024-0743
- ALPINE:CVE-2024-1546
- ALPINE:CVE-2024-1547
- ALPINE:CVE-2024-1548
- ALPINE:CVE-2024-1549
- ALPINE:CVE-2024-1550
- ALPINE:CVE-2024-1551
- ALPINE:CVE-2024-1552
- ALPINE:CVE-2024-1553
- ALPINE:CVE-2024-2605
- ALPINE:CVE-2024-2607
- ALPINE:CVE-2024-2608
- ALPINE:CVE-2024-2610
- ALPINE:CVE-2024-2611
- ALPINE:CVE-2024-2612
- ALPINE:CVE-2024-2614
- ALPINE:CVE-2024-2616
- ALPINE:CVE-2024-29944
- ALSA-2024:0105
- ALSA-2024:0108
- ALSA-2024:0952
- ALSA-2024:0955
- ALSA-2024:0963
- ALSA-2024:0964
- ALSA-2024:1484
- ALSA-2024:1485
- ALSA-2024:1493
- ALSA-2024:1494
- DSA-5627-1
- DSA-5630-1
- DSA-5643-1
- DSA-5644-1
- DSA-5645-1
- ELSA-2024-0105
- ELSA-2024-0108
- ELSA-2024-0952
- ELSA-2024-0955
- ELSA-2024-0957
- ELSA-2024-0963
- ELSA-2024-0964
- ELSA-2024-0976
- ELSA-2024-1484
- ELSA-2024-1485
- ELSA-2024-1486
- ELSA-2024-1493
- ELSA-2024-1494
- ELSA-2024-1498
- GLSA-202402-26
- GLSA-202405-15
- GLSA-202405-32
- GLSA-202407-22
- MFSA-2024-01
- MFSA-2024-05
- MFSA-2024-06
- MFSA-2024-07
- MFSA-2024-12
- MFSA-2024-13
- MFSA-2024-14
- MFSA-2024-15
- MFSA-2024-16
- RHSA-2024:0105
- RHSA-2024:0108
- RHSA-2024:0952
- RHSA-2024:0955
- RHSA-2024:0957
- RHSA-2024:0963
- RHSA-2024:0964
- RHSA-2024:0976
- RHSA-2024:1484
- RHSA-2024:1485
- RHSA-2024:1486
- RHSA-2024:1493
- RHSA-2024:1494
- RHSA-2024:1498
- RLSA-2024:0105
- RLSA-2024:0955
- RLSA-2024:1484
- RLSA-2024:1494
- SSA:2024-051-01
- SSA:2024-052-01
- SSA:2024-079-02
- SSA:2024-079-03
- SSA:2024-083-01
- SUSE-SU-2024:0578-1
- SUSE-SU-2024:0579-1
- SUSE-SU-2024:0580-1
- SUSE-SU-2024:0597-1
- SUSE-SU-2024:0607-1
- SUSE-SU-2024:0608-1
- SUSE-SU-2024:0971-1
- SUSE-SU-2024:1000-1
- SUSE-SU-2024:1147-1
- SUSE-SU-2024:2600-1
- USN-6610-1
- USN-6649-1
- USN-6669-1
- USN-6703-1
- USN-6710-1
- USN-6717-1
- USN-6727-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-15&sp=4 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-15&sp=3 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-15&sp=2 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.5 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-15&sp=4 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-15&sp=3 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-15&sp=2 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=opensuse-leap-15.5 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-15&sp=4 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-15&sp=3 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-15&sp=2 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=opensuse-leap-15.5 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-15&sp=4 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-15&sp=3 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-15&sp=2 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=opensuse-leap-15.5 | suse | MozillaFirefox | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=x86_64&distro=sles-15&sp=4 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=x86_64&distro=sles-15&sp=3 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=x86_64&distro=sles-15&sp=2 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.5 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=s390x&distro=sles-15&sp=4 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=s390x&distro=sles-15&sp=3 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=s390x&distro=sles-15&sp=2 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=s390x&distro=opensuse-leap-15.5 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=ppc64le&distro=sles-15&sp=4 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=ppc64le&distro=sles-15&sp=3 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=ppc64le&distro=sles-15&sp=2 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=ppc64le&distro=opensuse-leap-15.5 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=aarch64&distro=sles-15&sp=4 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=aarch64&distro=sles-15&sp=3 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=aarch64&distro=sles-15&sp=2 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=aarch64&distro=opensuse-leap-15.5 | suse | MozillaFirefox-translations-other | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-15&sp=4 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-15&sp=3 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-15&sp=2 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.5 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-15&sp=4 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-15&sp=3 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-15&sp=2 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=opensuse-leap-15.5 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-15&sp=4 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-15&sp=3 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-15&sp=2 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=opensuse-leap-15.5 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-15&sp=4 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-15&sp=3 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-15&sp=2 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=opensuse-leap-15.5 | suse | MozillaFirefox-translations-common | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=noarch&distro=sles-15&sp=4 | suse | MozillaFirefox-devel | < 115.9.1-150200.152.131.1 | sles-15 | noarch | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=noarch&distro=sles-15&sp=3 | suse | MozillaFirefox-devel | < 115.9.1-150200.152.131.1 | sles-15 | noarch | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=noarch&distro=sles-15&sp=2 | suse | MozillaFirefox-devel | < 115.9.1-150200.152.131.1 | sles-15 | noarch | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=noarch&distro=opensuse-leap-15.5 | suse | MozillaFirefox-devel | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | noarch | |
Affected | pkg:rpm/suse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.5 | suse | MozillaFirefox-branding-upstream | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-branding-upstream?arch=s390x&distro=opensuse-leap-15.5 | suse | MozillaFirefox-branding-upstream | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-branding-upstream?arch=ppc64le&distro=opensuse-leap-15.5 | suse | MozillaFirefox-branding-upstream | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-branding-upstream?arch=aarch64&distro=opensuse-leap-15.5 | suse | MozillaFirefox-branding-upstream | < 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |