Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 20.04 LTS USN-6710-1 Critical: Firefox Denial Of Service

ubuntu
Calendar Grey March 25, 2024
Dist Ubuntu Esm H88
Several vulnerabilities found in Firefox were resolved in Ubuntu 20.04 LTS through necessary updates for enhanced security measures.
Several security issues were fixed in Firefox.

Summary

Several security issues were fixed in Firefox.

Software Description:

- firefox: Mozilla Open Source web browser

Details:

Manfred Paul discovered that Firefox did not properly perform bounds

checking during range analysis, leading to an out-of-bounds write

vulnerability. A attacker could use this to cause a denial of service,

or execute arbitrary code. (CVE-2024-29943)

Manfred Paul discovered that Firefox incorrectly handled MessageManager

listeners under certain circumstances. An attacker who was able to inject

an event handler into a privileged object may have been able to execute

arbitrary code. (CVE-2024-29944)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   firefox                         124.0.1+build1-0ubuntu0.20.04.1

After a standard system update you need to restart Firefox to make all the
necessary changes.

References

https://ubuntu.com/security/notices/USN-6710-1

CVE-2024-29943, CVE-2024-29944

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6710-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here