CVE-2025-3032 — File Descriptor Leak in Mozilla Firefox

CWE-403 — File Descriptor Leak CWE-497 — Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-120 — Classic Buffer Overflow10 documents8 sources

Severity

7.4HIGHNVD

EPSS

0.2%

top 52.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Thunderbird

Timeline

PublishedApr 1

Latest updateFeb 2

Description

Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks. This vulnerability was fixed in Firefox 137 and Thunderbird 137.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages3 packages

▶NVDmozilla/firefox< 137.0

▶NVDmozilla/thunderbird< 137.0

▶Ubuntumozilla/thunderbird< 1:140.7.1+build1-0ubuntu0.22.04.1

🔴Vulnerability Details

GHSA

GHSA-h3xj-xc3c-cvpm: Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks↗2025-04-01

▶

CVEList

Leaking file descriptors from the fork server↗2025-04-01

▶

OSV

CVE-2025-3032: Leaking of file descriptors from the fork server to web content processes could allow for privilege escalation attacks↗2025-04-01

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2026-02-02

▶

Red Hat

kernel: ipv6: reject malicious packets in ipv6_gso_segment()↗2025-08-19

▶

Red Hat

thunderbird: firefox: Leaking file descriptors from the fork server↗2025-04-01

▶

Debian

CVE-2025-3032: firefox - Leaking of file descriptors from the fork server to web content processes could ...↗2025

▶

Mozilla

Mozilla Foundation Security Advisory 2025-20: CVE-2025-3032↗

▶