Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: MozillaFirefox Important Memory Safety Issues 2025:03008-1

suse
Calendar Grey August 28, 2025
Dist Suse Esm H88
Important SUSE patch for Google Chrome rectifies several vulnerabilities involving data integrity and denial-of-service threats.
* bsc#1226112 * bsc#1247774 * bsc#1248162 Cross-References:

Summary

## This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 140.2.0 ESR MFSA 2025-67 (bsc#1248162) * CVE-2025-9179 (bmo#1979527): Sandbox escape due to invalid pointer in the Audio/Video: GMP component * CVE-2025-9180 (bmo#1979782): Same-origin policy bypass in the Graphics: Canvas2D component * CVE-2025-9181 (bmo#1977130): Uninitialized memory in the JavaScript Engine component * CVE-2025-9182 (bmo#1975837): Denial-of-service due to out-of-memory in the Graphics: WebRender component * CVE-2025-9183 (bmo#1976102): Spoofing issue in the Address Bar component * CVE-2025-9184 (bmo#1929482, bmo#1976376, bmo#1979163, bmo#1979955): Memory safety bugs fixed in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142

Topics%20covered

Topics Covered

security advisory denial of service SuSE important firefox memory safety

References

* bsc#1226112

* bsc#1247774

* bsc#1248162

Cross-

* CVE-2025-9179

* CVE-2025-9180

* CVE-2025-9181

* CVE-2025-9182

* CVE-2025-9183

* CVE-2025-9184

* CVE-2025-9185

* CVE-2025-9187

CVSS scores:

* CVE-2025-9179 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2025-9179 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-9180 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

* CVE-2025-9180 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

* CVE-2025-9181 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

* CVE-2025-9181 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

* CVE-2025-9182 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:03008-1
Release Date: 2025-08-28T09:18:52Z
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service SuSE important firefox memory safety

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here