⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions.

CVE-2019-17026: Type Confusion in Mozilla Firefox

CWE-843: Type Confusion | 31 documents | 17 sources

Severity: 8.8 HIGH (NVD)
EPSS: 59.1% (top 1.77%)
CISA KEV: Added 2021-11-03, due 2022-05-03
Exploit: Exploited in wild (active exploitation observed)

Timeline
Published: Mar 2
KEV added: Nov 3
KEV due: May 3
Latest update: May 24

Description

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (7 packages)

CVEListV5 | mozilla/firefox | unspecified | 72.0.1
NVD | mozilla/firefox | < 68.4.1 | +1
CVEListV5 | mozilla/firefox_esr | unspecified | 68.4.1
CVEListV5 | mozilla/thunderbird | unspecified | 68.4.1
NVD | mozilla/thunderbird | < 68.4.1

Also affects: Ubuntu Linux 16.04

🔴 Vulnerability Details (10)

GHSA: GHSA-9m3f-27xq-x4j5: Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion (2022-05-24)
OSV: thunderbird vulnerabilities (2020-04-21)
CVEList: CVE-2019-17026: Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion (2020-03-02)
OSV: CVE-2019-17026: Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion (2020-03-02)
OSV: thunderbird vulnerabilities (2020-01-16)

💥 Exploits & PoCs (2)

Exploit-DB: Mozilla Firefox 67 - Array.pop JIT Type Confusion (2022-02-02)
Exploit-DB: Firefox 72 IonMonkey - JIT Type Confusion (2021-05-13)

📋 Vendor Advisories (8)

CISA: Mozilla Firefox And Thunderbird Type Confusion Vulnerability (2021-11-03)
Ubuntu: Thunderbird vulnerabilities (2020-04-21)
Ubuntu: Thunderbird vulnerabilities (2020-01-16)
Ubuntu: Firefox vulnerabilities (2020-01-09)
Red Hat: Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (2020-01-08)

🕵️ Threat Intelligence (8)

Qualys: Managing CISA Known Exploited Vulnerabilities with Qualys VMDR | Qualys (2022-02-23)
Tenable: Daisy Chaining: How Vulnerabilities Can Be Greater Than the Sum of Their Parts (2021-01-21)
Tenable: How to Use VPR to Manage Threats Prior to NVD Publication (2020-05-22)
Tenable: How COVID-19 Response Is Expanding the Cyberattack Surface (2020-03-30)
Talos: Threat Source newsletter (Jan. 9, 2019) (2020-01-09)

💬 Community (2)

Bugzilla: CVE-2019-17026 Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (2020-01-09)
Bugzilla: In-the-wild 0-day reported by Qihoo 360 (2020-01-07)