[SUSE-SU-2024:1002-1] Security update for MozillaFirefox
Severity
Critical
Affected Packages
56
CVEs
19
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 (bsc#1221850).
- CVE-2024-29944: Privileged JavaScript Execution via Event Handlers (bmo#1886852).
Firefox Extended Support Release 115.9.0 ESR (bsc#1221327):
- CVE-2024-0743: Crash in NSS TLS method (bmo#1867408).
- CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector (bmo#1872920).
- CVE-2024-2607: JIT code failed to save return registers on Armv7-A (bmo#1879939).
- CVE-2024-2608: Integer overflow could have led to out of bounds write (bmo#1880692).
- CVE-2024-2616: Improve handling of out-of-memory conditions in ICU (bmo#1846197).
- CVE-2023-5388: NSS susceptible to timing attack against RSA decryption (bmo#1780432).
- CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage (bmo#1871112).
- CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions (bmo#1876675).
- CVE-2024-2612: Self referencing object could have potentially led to a use- after-free (bmo#1879444).
- CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093).
- ID
- SUSE-SU-2024:1002-1
- Severity
- critical
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20241002-1/
- Published
-
2024-03-27T02:04:51
(5 months ago) - Modified
-
2024-03-27T02:04:51
(5 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2024-1907
-
ALAS2-2024-2419
-
ALAS2-2024-2477
-
ALAS2-2024-2505
-
ALPINE:CVE-2023-5388
-
ALPINE:CVE-2024-0743
-
ALPINE:CVE-2024-1546
-
ALPINE:CVE-2024-1547
-
ALPINE:CVE-2024-1548
-
ALPINE:CVE-2024-1549
-
ALPINE:CVE-2024-1550
-
ALPINE:CVE-2024-1551
-
ALPINE:CVE-2024-1552
-
ALPINE:CVE-2024-1553
-
ALPINE:CVE-2024-2605
-
ALPINE:CVE-2024-2607
-
ALPINE:CVE-2024-2608
-
ALPINE:CVE-2024-2610
-
ALPINE:CVE-2024-2611
-
ALPINE:CVE-2024-2612
-
ALPINE:CVE-2024-2614
-
ALPINE:CVE-2024-2616
-
ALPINE:CVE-2024-29944
-
ALSA-2024:0105
-
ALSA-2024:0108
-
ALSA-2024:0952
-
ALSA-2024:0955
-
ALSA-2024:0963
-
ALSA-2024:0964
-
ALSA-2024:1484
-
ALSA-2024:1485
-
ALSA-2024:1493
-
ALSA-2024:1494
-
DSA-5627-1
-
DSA-5630-1
-
DSA-5643-1
-
DSA-5644-1
-
DSA-5645-1
-
ELSA-2024-0105
-
ELSA-2024-0108
-
ELSA-2024-0952
-
ELSA-2024-0955
-
ELSA-2024-0957
-
ELSA-2024-0963
-
ELSA-2024-0964
-
ELSA-2024-0976
-
ELSA-2024-1484
-
ELSA-2024-1485
-
ELSA-2024-1486
-
ELSA-2024-1493
-
ELSA-2024-1494
-
ELSA-2024-1498
-
GLSA-202402-26
-
GLSA-202405-15
-
GLSA-202405-32
-
GLSA-202407-22
-
MFSA-2024-01
-
MFSA-2024-05
-
MFSA-2024-06
-
MFSA-2024-07
-
MFSA-2024-12
-
MFSA-2024-13
-
MFSA-2024-14
-
MFSA-2024-15
-
MFSA-2024-16
-
RHSA-2024:0105
-
RHSA-2024:0108
-
RHSA-2024:0952
-
RHSA-2024:0955
-
RHSA-2024:0957
-
RHSA-2024:0963
-
RHSA-2024:0964
-
RHSA-2024:0976
-
RHSA-2024:1484
-
RHSA-2024:1485
-
RHSA-2024:1486
-
RHSA-2024:1493
-
RHSA-2024:1494
-
RHSA-2024:1498
-
RLSA-2024:0105
-
RLSA-2024:0955
-
RLSA-2024:1484
-
RLSA-2024:1494
-
SSA:2024-051-01
-
SSA:2024-052-01
-
SSA:2024-079-02
-
SSA:2024-079-03
-
SSA:2024-083-01
-
SUSE-SU-2024:0578-1
-
SUSE-SU-2024:0579-1
-
SUSE-SU-2024:0580-1
-
SUSE-SU-2024:0597-1
-
SUSE-SU-2024:0607-1
-
SUSE-SU-2024:0608-1
-
SUSE-SU-2024:0971-1
-
SUSE-SU-2024:1000-1
-
SUSE-SU-2024:1147-1
-
SUSE-SU-2024:2600-1
-
USN-6610-1
-
USN-6649-1
-
USN-6669-1
-
USN-6703-1
-
USN-6710-1
-
USN-6717-1
-
USN-6727-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-15&sp=4 | suse |
 MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-15&sp=3 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-15&sp=2 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.5 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-15&sp=4 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-15&sp=3 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-15&sp=2 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=opensuse-leap-15.5 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-15&sp=4 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-15&sp=3 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-15&sp=2 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-15&sp=4 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-15&sp=3 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-15&sp=2 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=opensuse-leap-15.5 | suse |
MozillaFirefox
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=x86_64&distro=sles-15&sp=4 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=x86_64&distro=sles-15&sp=3 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=x86_64&distro=sles-15&sp=2 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=s390x&distro=sles-15&sp=4 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=s390x&distro=sles-15&sp=3 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=s390x&distro=sles-15&sp=2 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=s390x&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=ppc64le&distro=sles-15&sp=4 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=ppc64le&distro=sles-15&sp=3 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=ppc64le&distro=sles-15&sp=2 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=aarch64&distro=sles-15&sp=4 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=aarch64&distro=sles-15&sp=3 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=aarch64&distro=sles-15&sp=2 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-other?arch=aarch64&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-translations-other
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-15&sp=4 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-15&sp=3 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-15&sp=2 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-15&sp=4 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-15&sp=3 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-15&sp=2 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-15&sp=4 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-15&sp=3 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-15&sp=2 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-15&sp=4 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-15&sp=3 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-15&sp=2 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-translations-common
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=noarch&distro=sles-15&sp=4 | suse |
MozillaFirefox-devel
|
< 115.9.1-150200.152.131.1 | sles-15 | noarch | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=noarch&distro=sles-15&sp=3 | suse |
MozillaFirefox-devel
|
< 115.9.1-150200.152.131.1 | sles-15 | noarch | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=noarch&distro=sles-15&sp=2 | suse |
MozillaFirefox-devel
|
< 115.9.1-150200.152.131.1 | sles-15 | noarch | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=noarch&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-devel
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | noarch | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-branding-upstream
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-upstream?arch=s390x&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-branding-upstream
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-upstream?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-branding-upstream
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-upstream?arch=aarch64&distro=opensuse-leap-15.5 | suse |
MozillaFirefox-branding-upstream
|
< 115.9.1-150200.152.131.1 | opensuse-leap-15.5 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |