Ubuntu 6074-1: Firefox vulnerabilities | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
==========================================================================
Ubuntu Security Notice USN-6074-1
May 15, 2023

firefox vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Firefox.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2023-32205,
CVE-2023-32207, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212,
CVE-2023-32213, CVE-2023-32215, CVE-2023-32216)

Irvan Kurniawan discovered that Firefox did not properly manage memory
when using RLBox Expat driver. An attacker could potentially exploits this
issue to cause a denial of service. (CVE-2023-32206)

Anne van Kesteren discovered that Firefox did not properly validate the
import() call in service workers. An attacker could potentially exploits
this to obtain sensitive information. (CVE-2023-32208)

Sam Ezeh discovered that Firefox did not properly handle certain favicon
image files. If a user were tricked into opening a malicicous favicon file,
an attacker could cause a denial of service. (CVE-2023-32209)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  firefox                         113.0+build2-0ubuntu0.20.04.1

Ubuntu 18.04 LTS:
  firefox                         113.0+build2-0ubuntu0.18.04.1

After a standard system update you need to restart Firefox to make all the
necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6074-1
  CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208,
  CVE-2023-32209, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212,
  CVE-2023-32213, CVE-2023-32215, CVE-2023-32216

Package Information:
  https://launchpad.net/ubuntu/+source/firefox/113.0+build2-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/firefox/113.0+build2-0ubuntu0.18.04.1

Ubuntu 6074-1: Firefox vulnerabilities

May 15, 2023
Several security issues were fixed in Firefox.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Firefox. Software Description: - firefox: Mozilla Open Source web browser Details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215, CVE-2023-32216) Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. (CVE-2023-32206) Anne van Kesteren discovered that Firefox did not properly validate the import() call in service workers. An attacker could potentially exploits this to obtain sensitive information. (CVE-2023-32208) Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicicous favicon file, an attacker could cause a denial of service. (CVE-2023-32209)

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: firefox 113.0+build2-0ubuntu0.20.04.1 Ubuntu 18.04 LTS: firefox 113.0+build2-0ubuntu0.18.04.1 After a standard system update you need to restart Firefox to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6074-1

CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208,

CVE-2023-32209, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212,

CVE-2023-32213, CVE-2023-32215, CVE-2023-32216

Severity
Ubuntu Security Notice USN-6074-1

Package Information

https://launchpad.net/ubuntu/+source/firefox/113.0+build2-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/firefox/113.0+build2-0ubuntu0.18.04.1

Related News

Linux Kernel DoS, Info Disclosure Bugs Fixed

The Secure Programmable Router Project Puts Your Network Back Under Your Control with a Raspberry Pi

Important runC Privilege Escalation Flaws Fixed

CISA Warns Several Old Linux Vulns Exploited in Attacks

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy