Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia 2024-0269 Critical: NSS and Firefox Memory Corruption Issues

mageia
Calendar Grey July 16, 2024
Dist Mageia Esm H88
Mageia 2024-0270 addresses vulnerabilities related to memory safety and additional security concerns in Firefox and NSS. Upgrade immediately for improved protection.
Memory corruption in WebGL API

Summary

Memory corruption in WebGL API. (CVE-2024-6600) Race condition in permission assignment. (CVE-2024-6601) Memory corruption in NSS. (CVE-2024-6602) Memory corruption in thread creation. (CVE-2024-6603) Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13. (CVE-2024-6604)

References

- https://bugs.mageia.org/show_bug.cgi?id=33386

- https://www.firefox.com/en-US/firefox/115.13.0/releasenotes/?redirect_source=mozilla-org

- https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/

- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_102.html

- https://www.cve.org/CVERecord?id=CVE-2024-6600

- https://www.cve.org/CVERecord?id=CVE-2024-6601

- https://www.cve.org/CVERecord?id=CVE-2024-6602

- https://www.cve.org/CVERecord?id=CVE-2024-6603

- https://www.cve.org/CVERecord?id=CVE-2024-6604

Topics%20covered

Topics Covered

security advisory memory corruption race condition Firefox NSS thread safety Mageia

Resolution

SRPMS

- 9/core/nss-3.102.0-1.mga9

- 9/core/firefox-115.13.0-1.mga9

- 9/core/firefox-l10n-115.13.0-1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 16 Jul 2024
URL: https://advisories.mageia.org/MGASA-2024-0269.html
Type: security
CVE: CVE-2024-6600, CVE-2024-6601, CVE-2024-6602, CVE-2024-6603, CVE-2024-6604

Topics%20covered

Topics Covered

security advisory memory corruption race condition Firefox NSS thread safety Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here