Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2024:2371-1 Important: MozillaFirefox Memory Issues Fixes

suse
Calendar Grey July 9, 2024
Dist Suse Esm H88
Essential MozillaFirefox patch for SUSE tackling several vulnerabilities and memory-related problems. Ensure to apply suggested updates.
* bsc#1225278 * bsc#1226316 Cross-References: * CVE-2024-5688

Summary

## This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.13.0 ESR (MFSA 2024-30, bsc#1226316): * CVE-2024-6600: Memory corruption in WebGL API * CVE-2024-6601: Race condition in permission assignment * CVE-2024-6602: Memory corruption in NSS * CVE-2024-6603: Memory corruption in thread creation * CVE-2024-6604: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 Other fixes: * Fix GNOME search provider (bsc#1225278) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2371=1

Topics%20covered

Topics Covered

security advisory memory corruption important SUSE Linux MozillaFirefox

References

* bsc#1225278

* bsc#1226316

Cross-

* CVE-2024-5688

* CVE-2024-5690

* CVE-2024-5691

* CVE-2024-5692

* CVE-2024-5693

* CVE-2024-5696

* CVE-2024-5700

* CVE-2024-5702

* CVE-2024-6600

* CVE-2024-6601

* CVE-2024-6602

* CVE-2024-6603

* CVE-2024-6604

CVSS scores:

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5

* SUSE Linux Enterprise Server 12 SP5

* SUSE Linux Enterprise Server for SAP Applications 12 SP5

* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves 13 vulnerabilities can now be installed.

##

* https://www.suse.com/security/cve/CVE-2024-5688.html

* https://www.suse.com/security/cve/CVE-2024-5690.html

* https://www.suse.com/security/cve/CVE-2024-5691.html

* https://www.suse.com/security/cve/CVE-2024-5692.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2371-1
Rating: important

Topics%20covered

Topics Covered

security advisory memory corruption important SUSE Linux MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here