CVE-2024-7528: Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and…

[MEDIUM] Firefox regressions Title: Firefox regressions Summary: USN-6966-1 caused some minor regressions in Firefox. USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memo

CVE-2024-7518 [MEDIUM] Firefox vulnerabilities Title: Firefox vulnerabilities Summary: Several security issues were fixed in Firefox. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker coul

CVE-2024-7528 [HIGH] CWE-416 mozilla: Use-after-free in IndexedDB mozilla: Use-after-free in IndexedDB Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. The Mozilla Foundation Security Advisory describes this flaw as: Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. Statement: Red Hat Product Security rates the severity of this flaw to be important, as determined by the Mozilla Foundation Security Advisory. Package: firefox (Red Hat Enterprise Linux 6) - Out of support scope Package: thunderbird (Red Hat Enterprise Linux 6) - Out of support scope Package: thunderbird (Red Hat Enterprise Linux 7) - Out of support scope

CVE-2024-7528 [HIGH] CVE-2024-7528: firefox - Incorrect garbage collection interaction in IndexedDB could have led to a use-af... Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. Scope: local sid: resolved (fixed in 129.0-1)

CVE-2024-7528 [HIGH] Mozilla Foundation Security Advisory 2024-35: CVE-2024-7528 Mozilla Foundation Security Advisory 2024-35 CVE: CVE-2024-7528 Product: Firefox ESR Impact: low Fixed in: Firefox ESR 128.1

CVE-2024-7528 [HIGH] Mozilla Foundation Security Advisory 2024-37: CVE-2024-7528 Mozilla Foundation Security Advisory 2024-37 CVE: CVE-2024-7528 Product: Thunderbird Impact: moderate Fixed in: Thunderbird 128.1

CVE-2024-7528 [HIGH] Mozilla Foundation Security Advisory 2024-33: CVE-2024-7528 Mozilla Foundation Security Advisory 2024-33 CVE: CVE-2024-7528 Product: Firefox Impact: low Fixed in: Firefox 129

CVE-2024-7518 [MEDIUM] firefox regressions firefox regressions USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the san

CVE-2024-7518 [MEDIUM] firefox vulnerabilities firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. (CVE

CVE-2024-7528 [HIGH] CVE-2024-7528: Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.

CVE-2024-7528 [CRITICAL] CWE-416 GHSA-gx25-vx95-m52w: Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129 and Firefox ESR < 128.1.