Ubuntu 19.10: USN-4317-1 Moderate: Firefox Denial Of Service
ubuntu
April 4, 2020
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Summary
Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
Two use-after-free bugs were discovered in Firefox. If a user were tricked
in to opening a specially crafted website, an attacker could exploit these
to cause a denial of service or execute arbitrary code.
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: firefox 74.0.1+build1-0ubuntu0.19.10.1 Ubuntu 18.04 LTS: firefox 74.0.1+build1-0ubuntu0.18.04.1 Ubuntu 16.04 LTS: firefox 74.0.1+build1-0ubuntu0.16.04.1 After a standard system update you need to restart Firefox to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-4317-1
CVE-2020-6819, CVE-2020-6820
PREVIOUS
NEXT
April 04, 2020
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!