Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2022:14880-1 Important MozillaFirefox Memory Safety Fix

suse
Calendar Grey January 25, 2022
Dist Suse Esm H88
The recent crucial SUSE update for Mozilla Firefox resolves 14 vulnerabilities, boosting security and performance. Follow this guide to apply the updates seamlessly
An update that fixes 14 vulnerabilities is now available

Summary

This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547).

Topics%20covered

Topics Covered

security advisory memory access SUSE important patch browser exploits MozillaFirefox

References

#1194547

Cross- CVE-2021-4140 CVE-2022-22737 CVE-2022-22738

CVE-2022-22739 CVE-2022-22740 CVE-2022-22741

CVE-2022-22742 CVE-2022-22743 CVE-2022-22744

CVE-2022-22745 CVE-2022-22746 CVE-2022-22747

CVE-2022-22748 CVE-2022-22751

Affected Products:

SUSE Linux Enterprise Server 11-SP4-LTSS

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2021-4140.html

https://www.suse.com/security/cve/CVE-2022-22737.html

https://www.suse.com/security/cve/CVE-2022-22738.html

https://www.suse.com/security/cve/CVE-2022-22739.html

https://www.suse.com/security/cve/CVE-2022-22740.html

https://www.suse.com/security/cve/CVE-2022-22741.html

https://www.suse.com/security/cve/CVE-2022-22742.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:14880-1
Rating: important

Topics%20covered

Topics Covered

security advisory memory access SUSE important patch browser exploits MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here