Mageia 8: 2022-0094 Moderate: Thunderbird Use-After-Free Issues

mageia

March 8, 2022

Removing an XSLT parameter during processing could have lead to an exploitable use-after-free (CVE-2022-26485)

Summary

Removing an XSLT parameter during processing could have lead to an exploitable use-after-free (CVE-2022-26485).
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape (CVE-2022-26486).

References

- https://bugs.mageia.org/show_bug.cgi?id=30129

- https://www.thunderbird.net/en-US/thunderbird/91.6.2/releasenotes/

- https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/

- https://www.cve.org/CVERecord?id=CVE-2022-26485

- https://www.cve.org/CVERecord?id=CVE-2022-26486

Topics Covered

security advisory moderate exploit Thunderbird use-after-free Mageia

Resolution

SRPMS

- 8/core/thunderbird-91.6.2-1.mga8

- 8/core/thunderbird-l10n-91.6.2-1.mga8

Publication date: 08 Mar 2022

URL: https://advisories.mageia.org/MGASA-2022-0094.html

Type: security

CVE: CVE-2022-26485, CVE-2022-26486

Topics Covered

security advisory moderate exploit Thunderbird use-after-free Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 8: 2022-0094 Moderate: Thunderbird Use-After-Free Issues

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 8: 2022-0094 Moderate: Thunderbird Use-After-Free Issues

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!