Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2024:3157-1 Important: MozillaFirefox Security Update

suse
Calendar Grey September 6, 2024
Dist Suse Esm H88
Significant Ubuntu patch for Chrome addresses a range of vulnerabilities. Ensure your system's safety with these critical updates.
* bsc#1229821 Cross-References: * CVE-2024-8381 * CVE-2024-8382

Summary

## This update for MozillaFirefox fixes the following issues: * Update to Firefox Extended Support Release 128.2.0 ESR (bsc#1229821) * CVE-2024-8381: Type confusion when looking up a property name in a 'with' block * CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran * CVE-2024-8383: Firefox did not ask before openings news: links in an external application * CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions * CVE-2024-8385: WASM type confusion involving ArrayTypes * CVE-2024-8386: SelectElements could be shown over another site if popups are allowed * CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 ## Patch Instructions:

Topics%20covered

Topics Covered

security advisory security update important suse memory safety mozilla firefox type confusion

References

* bsc#1229821

Cross-

* CVE-2024-8381

* CVE-2024-8382

* CVE-2024-8383

* CVE-2024-8384

* CVE-2024-8385

* CVE-2024-8386

* CVE-2024-8387

CVSS scores:

* CVE-2024-8381 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2024-8381 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-8382 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

* CVE-2024-8382 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2024-8383 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

* CVE-2024-8383 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

* CVE-2024-8384 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2024-8384 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:3157-1
Rating: important

Topics%20covered

Topics Covered

security advisory security update important suse memory safety mozilla firefox type confusion

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here