Bug 1221327

Summary: VUL-0: MozillaFirefox / MozillaThunderbird: update to 124 and 115.9esr
Product: [Novell Products] SUSE Security Incidents
Reporter: Martin Sirringhaus <martin.sirringhaus>
Component: Incidents
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: meissner, rfrohl, stoyan.manolov, wolfgang
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/397410/
Whiteboard:
 CVSSv3.1:SUSE:CVE-2023-5388:6.5:(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
 CVSSv3.1:SUSE:CVE-2024-0743:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
 CVSSv3.1:SUSE:CVE-2024-2605:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
 CVSSv3.1:SUSE:CVE-2024-2606:3.7:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
 CVSSv3.1:SUSE:CVE-2024-2607:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
 CVSSv3.1:SUSE:CVE-2024-2608:8.1:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
 CVSSv3.1:SUSE:CVE-2024-2609:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
 CVSSv3.1:SUSE:CVE-2024-2610:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
 CVSSv3.1:SUSE:CVE-2024-2611:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
 CVSSv3.1:SUSE:CVE-2024-2612:8.1:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
 CVSSv3.1:SUSE:CVE-2024-2613:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
 CVSSv3.1:SUSE:CVE-2024-2614:8.1:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
 CVSSv3.1:SUSE:CVE-2024-2615:8.1:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
 CVSSv3.1:SUSE:CVE-2024-2616:5.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Comment 2 Martin Sirringhaus 2024-03-19 14:21:37 UTC
- Mozilla Firefox 124
  MFSA 2024-12
  * CVE-2024-2605 (bmo#1872920)
    Windows Error Reporter could be used as a Sandbox escape
    vector
  * CVE-2024-2606 (bmo#1879237)
    Mishandling of WASM register values
  * CVE-2024-2607 (bmo#1879939)
    JIT code failed to save return registers on Armv7-A
  * CVE-2024-2608 (bmo#1880692)
    Integer overflow could have led to out of bounds write
  * CVE-2023-5388 (bmo#1780432)
    NSS susceptible to timing attack against RSA decryption
  * CVE-2024-2609 (bmo#1866100)
    Permission prompt input delay could expire when not in focus
  * CVE-2024-2610 (bmo#1871112)
    Improper handling of html and body tags enabled CSP nonce
    leakage
  * CVE-2024-2611 (bmo#1876675)
    Clickjacking vulnerability could have led to a user
    accidentally granting permissions
  * CVE-2024-2612 (bmo#1879444)
    Self referencing object could have potentially led to a use-
    after-free
  * CVE-2024-2613 (bmo#1875701)
    Improper handling of QUIC ACK frame data could have led to
    OOM
  * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405,
    bmo#1881093)
    Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
    and Thunderbird 115.9
  * CVE-2024-2615 (bmo#1881074, bmo#1882438)
    Memory safety bugs fixed in Firefox 124

- Mozilla Firefox ESR 115.9
  MFSA 2024-13
  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-2605 (bmo#1872920)
    Windows Error Reporter could be used as a Sandbox escape
    vector
  * CVE-2024-2607 (bmo#1879939)
    JIT code failed to save return registers on Armv7-A
  * CVE-2024-2608 (bmo#1880692)
    Integer overflow could have led to out of bounds write
  * CVE-2024-2616 (bmo#1846197)
    Improve handling of out-of-memory conditions in ICU
  * CVE-2023-5388 (bmo#1780432)
    NSS susceptible to timing attack against RSA decryption
  * CVE-2024-2610 (bmo#1871112)
    Improper handling of html and body tags enabled CSP nonce
    leakage
  * CVE-2024-2611 (bmo#1876675)
    Clickjacking vulnerability could have led to a user
    accidentally granting permissions
  * CVE-2024-2612 (bmo#1879444)
    Self referencing object could have potentially led to a use-
    after-free
  * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405,
    bmo#1881093)
    Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
    and Thunderbird 115.9

- Mozilla Thunderbird 115.9
  MFSA 2024-14
  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-2605 (bmo#1872920)
    Windows Error Reporter could be used as a Sandbox escape
    vector
  * CVE-2024-2607 (bmo#1879939)
    JIT code failed to save return registers on Armv7-A
  * CVE-2024-2608 (bmo#1880692)
    Integer overflow could have led to out of bounds write
  * CVE-2024-2616 (bmo#1846197)
    Improve handling of out-of-memory conditions in ICU
  * CVE-2023-5388 (bmo#1780432)
    NSS susceptible to timing attack against RSA decryption
  * CVE-2024-2610 (bmo#1871112)
    Improper handling of html and body tags enabled CSP nonce
    leakage
  * CVE-2024-2611 (bmo#1876675)
    Clickjacking vulnerability could have led to a user
    accidentally granting permissions
  * CVE-2024-2612 (bmo#1879444)
    Self referencing object could have potentially led to a use-
    after-free
  * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405,
    bmo#1881093)
    Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
    and Thunderbird 115.9
Comment 3 Martin Sirringhaus 2024-03-19 14:41:23 UTC
CVE-2023-5388 and CVE-2024-0743 are already fixed for ESR with NSS 3.90.2.
Comment 5 OBSbugzilla Bot 2024-03-22 09:35:02 UTC
This is an autogenerated message for OBS integration:
This bug (1221327) was mentioned in
https://build.opensuse.org/request/show/1160556 Factory / MozillaThunderbird
Comment 7 Maintenance Automation 2024-03-22 12:30:32 UTC
SUSE-SU-2024:0971-1: An update that solves 10 vulnerabilities can now be installed.

Category: security (important)
Bug References: 1221327
CVE References: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
Maintenance Incident: [SUSE:Maintenance:32974](https://smelt.suse.de/incident/32974/)
Sources used:
SUSE Linux Enterprise Software Development Kit 12 SP5 (src):
 MozillaFirefox-115.9.0-112.203.2
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 MozillaFirefox-115.9.0-112.203.2
SUSE Linux Enterprise Server 12 SP5 (src):
 MozillaFirefox-115.9.0-112.203.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 MozillaFirefox-115.9.0-112.203.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 OBSbugzilla Bot 2024-03-22 17:35:02 UTC
This is an autogenerated message for OBS integration:
This bug (1221327) was mentioned in
https://build.opensuse.org/request/show/1160726 Factory / MozillaFirefox
Comment 9 Maintenance Automation 2024-03-27 08:30:04 UTC
SUSE-SU-2024:1002-1: An update that solves 19 vulnerabilities can now be installed.

Category: security (critical)
Bug References: 1220048, 1221327, 1221850
CVE References: CVE-2023-5388, CVE-2024-0743, CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553, CVE-2024-2605, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616, CVE-2024-29944
Maintenance Incident: [SUSE:Maintenance:32985](https://smelt.suse.de/incident/32985/)
Sources used:
openSUSE Leap 15.5 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
Desktop Applications Module 15-SP5 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src):
 MozillaFirefox-115.9.1-150200.152.131.1
SUSE Enterprise Storage 7.1 (src):
 MozillaFirefox-115.9.1-150200.152.131.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Maintenance Automation 2024-04-08 12:30:39 UTC
SUSE-SU-2024:1147-1: An update that solves 10 vulnerabilities can now be installed.

Category: security (important)
Bug References: 1221327
CVE References: CVE-2023-5388, CVE-2024-0743, CVE-2024-2605, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
Maintenance Incident: [SUSE:Maintenance:33020](https://smelt.suse.de/incident/33020/)
Sources used:
openSUSE Leap 15.5 (src):
 MozillaThunderbird-115.9.0-150200.8.154.1
SUSE Package Hub 15 15-SP5 (src):
 MozillaThunderbird-115.9.0-150200.8.154.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src):
 MozillaThunderbird-115.9.0-150200.8.154.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.