Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Mageia 9 Firefox Important Networking Privilege Escalation MGASA-2026-0124

mageia
Calendar Grey May 9, 2026
Dist Mageia Esm H88
Updated rootcerts and Firefox packages in Mageia address multiple security concerns with varying severity levels.
MGASA-2026-0124 - Updated rootcerts, nss & firefox packages fix security vulnerabilities

Summary

Description: Use-after-free in the DOM: Core & HTML component. (CVE-2026-6746) Use-after-free in the WebRTC component. (CVE-2026-6747) Uninitialized memory in the Audio/Video: Web Codecs component. (CVE-2026-6748) Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. (CVE-2026-6749) Privilege escalation in the Graphics: WebRender component. (CVE-2026-6750) Uninitialized memory in the Audio/Video: Web Codecs component. (CVE-2026-6751) Incorrect boundary conditions in the WebRTC component. (CVE-2026-6752) Incorrect boundary conditions in the WebRTC component. (CVE-2026-6753) Use-after-free in the JavaScript Engine component. (CVE-2026-6754) Invalid pointer in the JavaScript: WebAssembly component. (CVE-2026-6757) Use-after-free in the Widget: Cocoa component. (CVE-2026-6759) Privilege escalation in the Networking component. (CVE-2026-6761) Spoofing issue in the DOM: Core & HTML component. (CVE-2026-6762) Mitigation bypass in the File Handling componen...

References

- https://bugs.mageia.org/show_bug.cgi?id=35403

- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_123.html

- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_123_1.html

- https://www.firefox.com/en-US/firefox/140.10.0/releasenotes/

- https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/

- https://www.firefox.com/en-US/firefox/140.10.1/releasenotes/

- https://www.mozilla.org/en-US/security/advisories/mfsa2026-36/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6759

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766

Topics%20covered

Topics Covered

security advisory privilege escalation important firefox networking Mageia

Resolution

SRPMS

- 9/core/rootcerts-20260412.00-1.mga9

- 9/core/nss-3.123.1-1.mga9

- 9/core/firefox-140.10.1-1.mga9

- 9/core/firefox-l10n-140.10.1-1.mga9

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 09 May 2026
URL: https://advisories.mageia.org/MGASA-2026-0124.html
Type: security
CVE: CVE-2026-6746, CVE-2026-6747, CVE-2026-6748, CVE-2026-6749, CVE-2026-6750, CVE-2026-6751, CVE-2026-6752, CVE-2026-6753, CVE-2026-6754, CVE-2026-6757, CVE-2026-6759, CVE-2026-6761, CVE-2026-6762, CVE-2026-6763, CVE-2026-6764, CVE-2026-6765, CVE-2026-6766

Topics%20covered

Topics Covered

security advisory privilege escalation important firefox networking Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here