CVE-2022-34480
published 2022-12-22CVE-2022-34480: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated…
PriorityP338high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
0.54%
41.5th percentile
Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 102.0-1 (sid) | firefox 102.0-1 (sid) |
| mozilla | firefox | < 102.0 | 102.0 |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 0 < 102.0+build2-0ubuntu0.18.04.1 | 102.0+build2-0ubuntu0.18.04.1 |
| mozilla | firefox | >= 0 < 102.0+build2-0ubuntu0.20.04.1 | 102.0+build2-0ubuntu0.20.04.1 |
| mozilla | firefox | >= unspecified < 102 | 102 |
| mozilla | nss | >= 0 < 2:3.35-2ubuntu2.15 | 2:3.35-2ubuntu2.15 |
| mozilla | nss | >= 0 < 2:3.49.1-1ubuntu1.8 | 2:3.49.1-1ubuntu1.8 |
| mozilla | nss | >= 0 < 2:3.68.2-0ubuntu1.1 | 2:3.68.2-0ubuntu1.1 |
| mozilla | nss | >= 0 < 2:3.28.4-0ubuntu0.14.04.5+esm11 | 2:3.28.4-0ubuntu0.14.04.5+esm11 |
| mozilla | nss | >= 0 < 2:3.28.4-0ubuntu0.16.04.14+esm3 | 2:3.28.4-0ubuntu0.16.04.14+esm3 |
| mozilla | thunderbird | >= 0 < 1:102.2.2+build1-0ubuntu0.20.04.1 | 1:102.2.2+build1-0ubuntu0.20.04.1 |
| mozilla | thunderbird | >= 0 < 1:102.2.2+build1-0ubuntu0.22.04.1 | 1:102.2.2+build1-0ubuntu0.22.04.1 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
vendor_ubuntu8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
NSS vulnerabilities
vendor_ubuntu·2023-02-15·CVSS 6.5
CVE-2022-22747 [MEDIUM] NSS vulnerabilities
Title: NSS vulnerabilities
Summary: Several security issues were fixed in NSS.
Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7
sequence. A remote attacker could possibly use this issue to cause NSS to
crash, resulting in a denial of service. (CVE-2022-22747)
Ronald Crane discovered that NSS incorrectly handled certain memory
operations. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-34480)
Instructions: After a standard system update you need to restart any applications that
use NSS to make all the necessary changes.
Ubuntu
NSS vulnerabilities
vendor_ubuntu·2022-07-07·CVSS 6.5
CVE-2022-22747 [MEDIUM] NSS vulnerabilities
Title: NSS vulnerabilities
Summary: Several security issues were fixed in NSS.
Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7
sequence. A remote attacker could possibly use this issue to cause NSS to
crash, resulting in a denial of service. This issue only affected Ubuntu
18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-22747)
Ronald Crane discovered that NSS incorrectly handled certain memory
operations. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-34480)
Instructions: After a standard system update you need to restart any applications that
use NSS to make all the necessary changes.
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2022-07-05·CVSS 8.8
CVE-2022-34471 [HIGH] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the
browser UI, bypass CSP restrictions, bypass sandboxed iframe restrictions,
obtain sensitive information, bypass the HTML sanitizer, or execute
arbitrary code. (CVE-2022-2200, CVE-2022-34468, CVE-2022-34470,
CVE-2022-34473, CVE-2022-34474, CVE-2022-34475, CVE-2022-34476,
CVE-2022-34477, CVE-2022-34479, CVE-2022-34480, CVE-2022-34481,
CVE-2022-34484, CVE-2022-34485)
It was discovered that Firefox could be made to save an image with an
executable extension in
Red Hat
firefox: Free of uninitialized pointer in lg_init
vendor_redhat·2022-06-28·CVSS 8.8
CVE-2022-34480 [HIGH] CWE-824 firefox: Free of uninitialized pointer in lg_init
firefox: Free of uninitialized pointer in lg_init
Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.
The Mozilla Foundation Security Advisory: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer is freed despite never being allocated.
Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. This vulnerability affects non Extended Support Release (ESR) versions of Firefox. Red Hat Enterprise Linux only ships Firefox ESR and therefore, it is not affected by this CVE.
Package: firefox (Red Hat Enterprise Linux 10) - N
Debian
CVE-2022-34480: firefox - Within the <code>lg_init()</code> function, if several allocations succeed but t...
vendor_debian·2022·CVSS 8.8
CVE-2022-34480 [HIGH] CVE-2022-34480: firefox - Within the <code>lg_init()</code> function, if several allocations succeed but t...
Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.
Scope: local
sid: resolved (fixed in 102.0-1)
Mozilla
Mozilla Foundation Security Advisory 2022-24: CVE-2022-34480
vendor_mozilla·CVSS 8.8
CVE-2022-34480 [HIGH] Mozilla Foundation Security Advisory 2022-24: CVE-2022-34480
Mozilla Foundation Security Advisory 2022-24
CVE: CVE-2022-34480
Product: Firefox
Impact: moderate
Fixed in: Firefox 102
VulDB
Mozilla Firefox up to 101 lg_init uninitialized pointer (Bug 1454072 / EUVD-2022-37435)
vuldb·2026-06-13·CVSS 8.8
CVE-2022-34480 [HIGH] Mozilla Firefox up to 101 lg_init uninitialized pointer (Bug 1454072 / EUVD-2022-37435)
A vulnerability identified as problematic has been detected in Mozilla Firefox up to 101. This affects the function lg_init. The manipulation leads to uninitialized pointer.
This vulnerability is documented as CVE-2022-34480. The attack can be initiated remotely. There is not any exploit available.
You should upgrade the affected component.
OSV
nss vulnerabilities
osv·2023-02-15·CVSS 6.5
CVE-2022-22747 [MEDIUM] nss vulnerabilities
nss vulnerabilities
Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7
sequence. A remote attacker could possibly use this issue to cause NSS to
crash, resulting in a denial of service. (CVE-2022-22747)
Ronald Crane discovered that NSS incorrectly handled certain memory
operations. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-34480)
GHSA
GHSA-gx64-jm35-rwvr: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being a
ghsa_unreviewed·2022-12-22
CVE-2022-34480 [HIGH] CWE-824 GHSA-gx64-jm35-rwvr: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being a
Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.
OSV
nss vulnerabilities
osv·2022-07-07·CVSS 6.5
CVE-2022-22747 [MEDIUM] nss vulnerabilities
nss vulnerabilities
Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7
sequence. A remote attacker could possibly use this issue to cause NSS to
crash, resulting in a denial of service. This issue only affected Ubuntu
18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-22747)
Ronald Crane discovered that NSS incorrectly handled certain memory
operations. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-34480)
OSV
firefox vulnerabilities
osv·2022-07-05·CVSS 8.8
CVE-2022-2200 [HIGH] firefox vulnerabilities
firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the
browser UI, bypass CSP restrictions, bypass sandboxed iframe restrictions,
obtain sensitive information, bypass the HTML sanitizer, or execute
arbitrary code. (CVE-2022-2200, CVE-2022-34468, CVE-2022-34470,
CVE-2022-34473, CVE-2022-34474, CVE-2022-34475, CVE-2022-34476,
CVE-2022-34477, CVE-2022-34479, CVE-2022-34480, CVE-2022-34481,
CVE-2022-34484, CVE-2022-34485)
It was discovered that Firefox could be made to save an image with an
executable extension in the filename when dragging and dropping an image
in some circumstances. If a user were tricked into dragging an
OSV
CVE-2022-34480: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being a
osv·2022-07-05·CVSS 8.8
CVE-2022-34480 [HIGH] CVE-2022-34480: Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being a
Within the lg_init() function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox < 102.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-22
Published