Debian Firefox vulnerabilities

1,810 known vulnerabilities affecting debian/firefox.

Total CVEs: 1,810
CISA KEV: 11 (actively exploited)
Public exploits: 35
Exploited in wild: 15
Severity breakdown: CRITICAL 333, HIGH 633, MEDIUM 542, LOW 302

Vulnerabilities

CVE-2020-6820 | HIGH | CVSS 8.1 | KEV | fixed in firefox 74.0.1-1 (sid) | 2020 | debian
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1. Scope: local; sid: resolved (fixed in 74.0.1-1)
CVE-2020-12419 | HIGH | CVSS 8.8 | fixed in firefox 78.0-1 (sid) | 2020 | debian
When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. Scope: local; sid: resolved (fixed in 78.0-1)
CVE-2020-6800 | HIGH | CVSS 8.8 | fixed in firefox 73.0-1 (sid) | 2020 | debian
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because script
CVE-2020-26959 | HIGH | CVSS 8.8 | fixed in firefox 83.0-1 (sid) | 2020 | debian
During browser shutdown, reference decrementing could have occurred on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. Scope: local; sid: resolved (fixed in 83.0-1)
CVE-2020-15675 | HIGH | CVSS 8.8 | fixed in firefox 81.0-1 (sid) | 2020 | debian
When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 81. Scope: local; sid: resolved (fixed in 81.0-1)
CVE-2020-15254 | HIGH | CVSS 8.1 | fixed in firefox 82.0-1 (sid) | 2020 | debian
Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that `Vec::from_iter` has allocated capacity the same as the number of iterator elements. `Vec::from_iter` does not actually guarantee that and may allocate extra memory. The destructor of the `bounded` channel reconstructs `Vec
CVE-2020-12406 | HIGH | CVSS 8.8 | fixed in firefox 77.0-1 (sid) | 2020 | debian
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. Scope: local; sid: resolved (fixed in 77.0-1)
CVE-2020-16044 | HIGH | CVSS 8.8 | fixed in firefox 84.0.2-1 (sid) | 2020 | debian
Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. Scope: local; sid: resolved (fixed in 84.0.2-1)
CVE-2020-12417 | HIGH | CVSS 8.8 | fixed in firefox 78.0-1 (sid) | 2020 | debian
Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. Scope: local; sid: resolved (fixed in 78.0-1)
CVE-2020-35114 | HIGH | CVSS 8.8 | fixed in firefox 84.0-1 (sid) | 2020 | debian
Mozilla developers reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84. Scope: local; sid: resolved (fixed in 84.0-1)
CVE-2020-12391 | HIGH | CVSS 7.5 | fixed in firefox 76.0-1 (sid) | 2020 | debian
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76. Scope: local; sid: resolved (fixed in 76.0-1)
CVE-2020-15681 | HIGH | CVSS 7.5 | fixed in firefox 82.0-1 (sid) | 2020 | debian
When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 82. Scope: local; sid: resolved (fixed in 82.0-1)
CVE-2020-26952 | HIGH | CVSS 8.8 | fixed in firefox 83.0-1 (sid) | 2020 | debian
Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox < 83. Scope: local; sid: resolved (fixed in 83.0-1)
CVE-2020-12409 | HIGH | CVSS 8.8 | fixed in firefox 77.0-1 (sid) | 2020 | debian
When using certain blank characters in a URL, they were incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox < 77. Scope: local; sid: resolved (fixed in 77.0-1)
CVE-2020-12411 | HIGH | CVSS 8.8 | fixed in firefox 77.0-1 (sid) | 2020 | debian
Mozilla developers reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 77. Scope: local; sid: resolved (fixed in 77.0-1)
CVE-2020-35113 | HIGH | CVSS 8.8 | fixed in firefox 84.0-1 (sid) | 2020 | debian
Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Scope: local; sid: resolved (fixed
CVE-2020-26973 | HIGH | CVSS 8.8 | fixed in firefox 84.0-1 (sid) | 2020 | debian
Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. Scope: local; sid: resolved (fixed in 84.0-1)
CVE-2020-6801 | HIGH | CVSS 8.8 | fixed in firefox 73.0-1 (sid) | 2020 | debian
Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73. Scope: local; sid: resolved (fixed in 73.0-1)
CVE-2020-12387 | HIGH | CVSS 8.1 | fixed in firefox 76.0-1 (sid) | 2020 | debian
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. Scope: local; sid: resolved (fixed in 76.0-1)
CVE-2020-15674 | HIGH | CVSS 8.8 | fixed in firefox 81.0-1 (sid) | 2020 | debian
Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81. Scope: local; sid: resolved (fixed in 81.0-1)