Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Ubuntu 20.04 LTS USN-6710-1 Critical: Firefox Denial Of Service

Calendar Mar 25, 2024 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service Ubuntu arbitrary code Firefox out-of-bounds
Several security issues were fixed in Firefox. 
==========================================================================
Ubuntu Security Notice USN-6710-1
March 25, 2024

firefox vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Firefox.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

Manfred Paul discovered that Firefox did not properly perform bounds
checking during range analysis, leading to an out-of-bounds write
vulnerability. A attacker could use this to cause a denial of service,
or execute arbitrary code. (CVE-2024-29943)

Manfred Paul discovered that Firefox incorrectly handled MessageManager
listeners under certain circumstances. An attacker who was able to inject
an event handler into a privileged object may have been able to execute
arbitrary code. (CVE-2024-29944)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   firefox                         124.0.1+build1-0ubuntu0.20.04.1

After a standard system update you need to restart Firefox to make all the
necessary changes.

References:
   https://ubuntu.com/security/notices/USN-6710-1
   CVE-2024-29943, CVE-2024-29944

Package Information:
   https://launchpad.net/ubuntu/+source/firefox/124.0.1+build1-0ubuntu0.20.04.1

Ubuntu 20.04 LTS USN-6710-1 Critical: Firefox Denial Of Service

ubuntu
Calendar Grey March 25, 2024
Dist Ubuntu Esm H88
Several vulnerabilities found in Firefox were resolved in Ubuntu 20.04 LTS through necessary updates for enhanced security measures.
Several security issues were fixed in Firefox.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Firefox. Software Description: - firefox: Mozilla Open Source web browser Details: Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. (CVE-2024-29943) Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code. (CVE-2024-29944)

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu arbitrary code Firefox out-of-bounds

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: firefox 124.0.1+build1-0ubuntu0.20.04.1 After a standard system update you need to restart Firefox to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6710-1

CVE-2024-29943, CVE-2024-29944

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6710-1

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu arbitrary code Firefox out-of-bounds

Package Information

https://launchpad.net/ubuntu/+source/firefox/124.0.1+build1-0ubuntu0.20.04.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here