CVE-2024-2605: An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows…

CVE-2024-2605 [MEDIUM] Mozilla: Windows Error Reporter could be used as a Sandbox escape vector Mozilla: Windows Error Reporter could be used as a Sandbox escape vector An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Package

CVE-2024-2605 [MEDIUM] An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating system An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additio

CVE-2024-2605 [MEDIUM] CVE-2024-2605: firefox - An attacker could have leveraged the Windows Error Reporter to run arbitrary cod... An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. Scope: local sid: resolved

CVE-2024-2605 [MEDIUM] Mozilla Foundation Security Advisory 2024-12: CVE-2024-2605 Mozilla Foundation Security Advisory 2024-12 CVE: CVE-2024-2605 Product: Firefox Impact: critical Fixed in: Firefox 124

CVE-2024-2605 [MEDIUM] Mozilla Foundation Security Advisory 2024-14: CVE-2024-2605 Mozilla Foundation Security Advisory 2024-14 CVE: CVE-2024-2605 Product: Thunderbird Impact: high Fixed in: Thunderbird 115.9

CVE-2024-2605 [MEDIUM] Mozilla Foundation Security Advisory 2024-13: CVE-2024-2605 Mozilla Foundation Security Advisory 2024-13 CVE: CVE-2024-2605 Product: Firefox ESR Impact: high Fixed in: Firefox ESR 115.9

CVE-2024-2605 [MEDIUM] GHSA-pwwp-85rf-2286: An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

CVE-2024-2605 [MEDIUM] CVE-2024-2605: An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

CVE-2024-26862 [MEDIUM] CVE-2024-26862 kernel: packet: annotate data-races around ignore_outgoing CVE-2024-26862 kernel: packet: annotate data-races around ignore_outgoing In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing The Linux kernel CVE team has assigned CVE-2024-26862 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024041736-CVE-2024-26862-2605@gregkh/T Discussion: Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2275728] --- This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:9315 https://access.redhat.com/errata/RHSA-2024:9315 --- Are there any updates on this issue? I have been accessing Red Hat Enterprise Linux 9 Via RHSA-2024:9315 https://access.redhat.com/errata/RHSA-2024:9315 https://timecalcula