CVE-2024-7519: Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox…

CVE-2024-53172 [MEDIUM] CWE-20 kernel: ubi: fastmap: Fix duplicate slab cache names while attaching kernel: ubi: fastmap: Fix duplicate slab cache names while attaching In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fix duplicate slab cache names while attaching Since commit 4c39529663b9 ("slab: Warn on duplicate cache names when DEBUG_VM=y"), the duplicate slab cache names can be detected and a kernel WARNING is thrown out. In UBI fast attaching process, alloc_ai() could be invoked twice with the same slab cache name 'ubi_aeb_slab_cache', which will trigger following warning messages: kmem_cache of name 'ubi_aeb_slab_cache' already exists WARNING: CPU: 0 PID: 7519 at mm/slab_common.c:107 __kmem_cache_create_args+0x100/0x5f0 Modules linked in: ubi(+) nandsim [last unloaded: nandsim] CPU: 0 UID: 0 PID: 7519 Comm: modprobe Tainted: G 6.12.0-rc2 RIP: 0010

CVE-2024-7526 [CRITICAL] Thunderbird vulnerabilities Title: Thunderbird vulnerabilities Summary: Several security issues were fixed in Thunderbird. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-7521, CVE-2024-7526, CVE-2024-7527, CVE-2024-7529, CVE-2024-8382) It was discovered that Thunderbird did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Irvan Kurniawan discovered that Thunderbird did not properly check an attribute value i

[MEDIUM] Firefox regressions Title: Firefox regressions Summary: USN-6966-1 caused some minor regressions in Firefox. USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memo

CVE-2024-7518 [MEDIUM] Firefox vulnerabilities Title: Firefox vulnerabilities Summary: Several security issues were fixed in Firefox. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker coul

CVE-2024-7519 [CRITICAL] CWE-787 mozilla: Out of bounds memory access in graphics shared memory handling mozilla: Out of bounds memory access in graphics shared memory handling Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. The Mozilla Foundation Security Advisory describes this flaw as: Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Package: firefox (Red Hat Enterprise Linux 6) - Out of support scope Pa

CVE-2024-7519 [CRITICAL] CVE-2024-7519: firefox - Insufficient checks when processing graphics shared memory could have led to mem... Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. Scope: local sid: resolved (fixed in 129.0-1)

CVE-2024-7519 [CRITICAL] Mozilla Foundation Security Advisory 2024-37: CVE-2024-7519 Mozilla Foundation Security Advisory 2024-37 CVE: CVE-2024-7519 Product: Thunderbird Impact: moderate Fixed in: Thunderbird 128.1

CVE-2024-7519 [CRITICAL] Mozilla Foundation Security Advisory 2024-35: CVE-2024-7519 Mozilla Foundation Security Advisory 2024-35 CVE: CVE-2024-7519 Product: Firefox ESR Impact: low Fixed in: Firefox ESR 128.1

CVE-2024-7519 [CRITICAL] Mozilla Foundation Security Advisory 2024-34: CVE-2024-7519 Mozilla Foundation Security Advisory 2024-34 CVE: CVE-2024-7519 Product: Firefox ESR Impact: low Fixed in: Firefox ESR 115.14

CVE-2024-7519 [CRITICAL] Mozilla Foundation Security Advisory 2024-33: CVE-2024-7519 Mozilla Foundation Security Advisory 2024-33 CVE: CVE-2024-7519 Product: Firefox Impact: low Fixed in: Firefox 129

CVE-2024-7519 [CRITICAL] Mozilla Foundation Security Advisory 2024-38: CVE-2024-7519 Mozilla Foundation Security Advisory 2024-38 CVE: CVE-2024-7519 Product: Thunderbird Impact: moderate Fixed in: Thunderbird 115.14

CVE-2024-7521 [CRITICAL] thunderbird vulnerabilities thunderbird vulnerabilities Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2024-7521, CVE-2024-7526, CVE-2024-7527, CVE-2024-7529, CVE-2024-8382) It was discovered that Thunderbird did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Irvan Kurniawan discovered that Thunderbird did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerabili

CVE-2024-7518 [MEDIUM] firefox regressions firefox regressions USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the san

CVE-2024-7518 [MEDIUM] firefox vulnerabilities firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. (CVE

CVE-2024-7519 [CRITICAL] CVE-2024-7519: Insufficient checks when processing graphics shared memory could have led to memory corruption Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

CVE-2024-7519 [HIGH] CWE-787 GHSA-9wvx-3hw8-4ghf: Insufficient checks when processing graphics shared memory could have led to memory corruption Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.