CVE-2023-5174
published 2023-09-27CVE-2023-5174: If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.
*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | — | — |
| debian | firefox-esr | — | — |
| debian | thunderbird | — | — |
| mozilla | firefox | < 118 | 118 |
| mozilla | firefox | — | — |
| mozilla | firefox | >= unspecified < 118 | 118 |
| mozilla | firefox_esr | < 115.3 | 115.3 |
| mozilla | firefox_esr | >= unspecified < 115.3 | 115.3 |
| mozilla | thunderbird | < 115.3 | 115.3 |
| mozilla | thunderbird | >= unspecified < 115.3 | 115.3 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL
Red Hat
Mozilla: Double-free in process spawning on Windows
vendor_redhat·2023-09-26·CVSS 9.8
CVE-2023-5174 [CRITICAL] Mozilla: Double-free in process spawning on Windows
Mozilla: Double-free in process spawning on Windows
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.
*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Fir
Debian
CVE-2023-5174: firefox - If Windows failed to duplicate a handle during process creation, the sandbox cod...
vendor_debian·2023·CVSS 9.8
CVE-2023-5174 [CRITICAL] CVE-2023-5174: firefox - If Windows failed to duplicate a handle during process creation, the sandbox cod...
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Scope: local
sid: resolved
Mozilla
Mozilla Foundation Security Advisory 2023-42: CVE-2023-5174
vendor_mozilla·CVSS 9.8
CVE-2023-5174 [CRITICAL] Mozilla Foundation Security Advisory 2023-42: CVE-2023-5174
Mozilla Foundation Security Advisory 2023-42
CVE: CVE-2023-5174
Product: Firefox ESR
Impact: high
Fixed in: Firefox ESR 115.3
Mozilla
Mozilla Foundation Security Advisory 2023-41: CVE-2023-5174
vendor_mozilla·CVSS 9.8
CVE-2023-5174 [CRITICAL] Mozilla Foundation Security Advisory 2023-41: CVE-2023-5174
Mozilla Foundation Security Advisory 2023-41
CVE: CVE-2023-5174
Product: Firefox
Impact: high
Fixed in: Firefox 118
Mozilla
Mozilla Foundation Security Advisory 2023-43: CVE-2023-5174
vendor_mozilla·CVSS 9.8
CVE-2023-5174 [CRITICAL] Mozilla Foundation Security Advisory 2023-43: CVE-2023-5174
Mozilla Foundation Security Advisory 2023-43
CVE: CVE-2023-5174
Product: Thunderbird
Impact: high
Fixed in: Thunderbird 115.3
GHSA
GHSA-8fw2-629c-5885: If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-aft
ghsa_unreviewed·2023-09-27
CVE-2023-5174 [CRITICAL] CWE-416 GHSA-8fw2-629c-5885: If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-aft
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.
*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
OSV
CVE-2023-5174: If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-aft
osv·2023-09-27·CVSS 9.8
CVE-2023-5174 [CRITICAL] CVE-2023-5174: If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-aft
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://bugzilla.mozilla.org/show_bug.cgi?id=1848454https://www.mozilla.org/security/advisories/mfsa2023-41/https://www.mozilla.org/security/advisories/mfsa2023-42/https://www.mozilla.org/security/advisories/mfsa2023-43/https://bugzilla.mozilla.org/show_bug.cgi?id=1848454https://www.mozilla.org/security/advisories/mfsa2023-41/https://www.mozilla.org/security/advisories/mfsa2023-42/https://www.mozilla.org/security/advisories/mfsa2023-43/
2023-09-27
Published