Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Mageia: 2021-0505 Critical: Firefox Memory Corruption and UI Spoofing

mageia
Calendar Grey November 10, 2021
Dist Mageia Esm H88
New versions of Firefox made available for Mageia 8 tackle various security vulnerabilities, reinforcing the browser's robustness and user protection.
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame (CVE-...

Summary

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame (CVE-2021-38503).
When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash (CVE-2021-38504).
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing (CVE-2021-38506).
The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently upgraded to TLS while retaining the visual properties of an HTTP connection, including being same-origin with unencrypted connections on port 80. However, if a second encrypted port on the same IP address (e.g. port 8443) did not opt-in to opportunistic encryption; a network attacke...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=29621

- https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/

- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_72.html

- https://www.cve.org/CVERecord?id=CVE-2021-38503

- https://www.cve.org/CVERecord?id=CVE-2021-38504

- https://www.cve.org/CVERecord?id=CVE-2021-38506

- https://www.cve.org/CVERecord?id=CVE-2021-38507

- https://www.cve.org/CVERecord?id=CVE-2021-38508

- https://www.cve.org/CVERecord?id=CVE-2021-38509

Resolution

SRPMS

- 8/core/firefox-91.3.0-1.mga8

- 8/core/firefox-l10n-91.3.0-1.mga8

- 8/core/nss-3.72.0-1.mga8

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 10 Nov 2021
URL: https://advisories.mageia.org/MGASA-2021-0505.html
Type: security
CVE: CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here