Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Mageia 9 MGASA-2026-0080 NSS Critical Denial of Service Issue

mageia
Calendar Grey April 2, 2026
Dist Mageia Esm H88
Mageia 9 advisory for nss and firefox packages update fixing multiple critical issues including denial of service.
MGASA-2026-0080 - Updated nss & firefox packages fix security vulnerabilities

Summary

Description: Denial-of-service in the XML component. (CVE-2025-59375) Race condition, use-after-free in the Graphics: WebRender component. (CVE-2026-4684) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4685) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4686) Sandbox escape due to incorrect boundary conditions in the Telemetry component. (CVE-2026-4687) Sandbox escape due to use-after-free in the Disability Access APIs component. (CVE-2026-4688) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4689) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4690) Use-after-free in the CSS Parsing and Computation component. (CVE-2026-4691) Sandbox escape in the Responsive Design Mode component. (CVE-2026-4692) Incorrect boundary conditions in the Audio/Video: Playback component. (CVE-2026-4693) Incorrect boundary conditions, ...

References

- https://bugs.mageia.org/show_bug.cgi?id=35272

- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_122.html

- https://www.firefox.com/en-US/firefox/140.9.0/releasenotes/

- https://www.mozilla.org/en-US/security/advisories/mfsa2026-22/

- https://www.cve.org/CVERecord?id=CVE-2025-59375

- https://www.cve.org/CVERecord?id=CVE-2026-4684

- https://www.cve.org/CVERecord?id=CVE-2026-4685

- https://www.cve.org/CVERecord?id=CVE-2026-4686

- https://www.cve.org/CVERecord?id=CVE-2026-4687

- https://www.cve.org/CVERecord?id=CVE-2026-4688

- https://www.cve.org/CVERecord?id=CVE-2026-4689

- https://www.cve.org/CVERecord?id=CVE-2026-4690

- https://www.cve.org/CVERecord?id=CVE-2026-4691

- https://www.cve.org/CVERecord?id=CVE-2026-4692

- https://www.cve.org/CVERecord?id=CVE-2026-4693

- https://www.cve.org/CVERecord?id=CVE-2026-4694

- https://www.cve.org/CVERecord?id=CVE-2026-4695

- https://www.cve.org/CVERecord?id=CVE-2026-4696

- https://www.cve.org/CVERecord?id=CVE-2026-4697

- https://www.cve.org/CVERecord?id=CVE-2026-4698

- https://www.cve.org/CVERecord?id=CVE-2026-4699

- https://www.cve.org/CVERecord?id=CVE-2026-4700

- https://www.cve.org/CVERecord?id=CVE-2026-4701

- https://www.cve.org/CVERecord?id=CVE-2026-4702

- https://www.cve.org/CVERecord?id=CVE-2026-4704

- https://www.cve.org/CVERecord?id=CVE-2026-4705

- https://www.cve.org/CVERecord?id=CVE-2026-4706

- https://www.cve.org/CVERecord?id=CVE-2026-4707

- https://www.cve.org/CVERecord?id=CVE-2026-4708

- https://www.cve.org/CVERecord?id=CVE-2026-4709

- https://www.cve.org/CVERecord?id=CVE-2026-4710

- https://www.cve.org/CVERecord?id=CVE-2026-4711

- https://www.cve.org/CVERecord?id=CVE-2026-4712

- https://www.cve.org/CVERecord?id=CVE-2026-4713

- https://www.cve.org/CVERecord?id=CVE-2026-4714

- https://www.cve.org/CVERecord?id=CVE-2026-4715

- https://www.cve.org/CVERecord?id=CVE-2026-4716

- https://www.cve.org/CVERecord?id=CVE-2026-4717

- https://www.cve.org/CVERecord?id=CVE-2026-4718

- https://www.cve.org/CVERecord?id=CVE-2026-4719

- https://www.cve.org/CVERecord?id=CVE-2026-4720

- https://www.cve.org/CVERecord?id=CVE-2026-4721

Topics%20covered

Topics Covered

security advisory denial of service critical firefox NSS Mageia

Resolution

SRPMS

- 9/core/nss-3.122.0-1.mga9

- 9/core/firefox-140.9.0-1.mga9

- 9/core/firefox-l10n-140.9.0-1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 02 Apr 2026
URL: https://advisories.mageia.org/MGASA-2026-0080.html
Type: security
CVE: CVE-2025-59375, CVE-2026-4684, CVE-2026-4685, CVE-2026-4686, CVE-2026-4687, CVE-2026-4688, CVE-2026-4689, CVE-2026-4690, CVE-2026-4691, CVE-2026-4692, CVE-2026-4693, CVE-2026-4694, CVE-2026-4695, CVE-2026-4696, CVE-2026-4697, CVE-2026-4698, CVE-2026-4699, CVE-2026-4700, CVE-2026-4701, CVE-2026-4702, CVE-2026-4704, CVE-2026-4705, CVE-2026-4706, CVE-2026-4707, CVE-2026-4708, CVE-2026-4709, CVE-2026-4710, CVE-2026-4711, CVE-2026-4712, CVE-2026-4713, CVE-2026-4714, CVE-2026-4715, CVE-2026-4716, CVE-2026-4717, CVE-2026-4718, CVE-2026-4719, CVE-2026-4720, CVE-2026-4721

Topics%20covered

Topics Covered

security advisory denial of service critical firefox NSS Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here