CVE-2024-8388
Published 2024-09-03
CVE-2024-8388: Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after…
Medium · 5.3 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature.
*This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | — | — |
| mozilla | firefox | < 130.0 | 130.0 |
| mozilla | firefox | — | — |
CVSS provenance
nvd · v3.1 · 5.3 · MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
osv · 4.3 · MEDIUM
OSV
CVE-2024-8388: Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mod
osv·2024-09-03·CVSS 4.3
CVE-2024-8388 [MEDIUM] CVE-2024-8388: Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mod
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.
GHSA
GHSA-j755-mmjr-g7rh: Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mod
ghsa_unreviewed·2024-09-03·CVSS 4.3
CVE-2024-8388 [MEDIUM] CWE-1021 GHSA-j755-mmjr-g7rh: Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mod
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature.
*This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.
Red Hat
kernel: drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2)
vendor_redhat·2024-10-21·CVSS 5.5
CVE-2024-49908 [MEDIUM] CWE-476 kernel: drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2)
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2)
This commit adds a null check for the 'afb' variable in the
amdgpu_dm_update_cursor function. Previously, 'afb' was assumed to be
null at line 8388, but was used later in the code without a null check.
This could potentially lead to a null pointer dereference.
Changes since v1:
- Moved the null check for 'afb' to the line where 'afb' is used. (Alex)
Fixes the below:
drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:8433 amdgpu_dm_update_cursor()
error: we previously assumed 'afb' could be null (see line 8388)
Package: kernel (Red Hat Enterprise Linux 6) - No
Debian
CVE-2024-8388: firefox - Multiple prompts and panels from both Firefox and the Android OS could be used t...
vendor_debian·2024·CVSS 4.3
CVE-2024-8388 [MEDIUM] CVE-2024-8388: firefox - Multiple prompts and panels from both Firefox and the Android OS could be used t...
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.
Scope: local
sid: resolved
Mozilla
Mozilla Foundation Security Advisory 2024-39: CVE-2024-8388
vendor_mozilla·CVSS 5.3
CVE-2024-8388 [MEDIUM] Mozilla Foundation Security Advisory 2024-39: CVE-2024-8388
Mozilla Foundation Security Advisory 2024-39
CVE: CVE-2024-8388
Product: Firefox
Impact: high
Fixed in: Firefox 130
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2024-09-03