Bug 1149294 - (CVE-2019-9812) VUL-0: CVE-2019-9812: MozillaFirefox: Sandbox escape through Firefox Sync
(CVE-2019-9812)
VUL-0: CVE-2019-9812: MozillaFirefox: Sandbox escape through Firefox Sync
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Charles Robertson
Security Team bot
https://smash.suse.de/issue/241686/
CVSSv3:RedHat:CVE-2019-9812:7.5:(AV:N...
:
Depends on: 1149323 1149324
Blocks:
  Show dependency treegraph
 
Reported: 2019-09-04 06:48 UTC by Alexander Bergmann
Modified: 2022-09-06 16:42 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2019-09-04 06:48:44 UTC
CVE-2019-9812: Sandbox escape through Firefox Sync

Reporter   Niklas Baumstark via TrendMicro's Zero Day Initiative
Impact     high

Description
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered.


References:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-9812
https://bugzilla.mozilla.org/show_bug.cgi?id=1538008
https://bugzilla.mozilla.org/show_bug.cgi?id=1538015
https://bugzilla.redhat.com/show_bug.cgi?id=1748660
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-9812
Comment 3 Swamp Workflow Management 2019-09-17 19:18:52 UTC
SUSE-SU-2019:14173-1: An update that fixes 8 vulnerabilities is now available.

Category: security (important)
Bug References: 1145550,1149294,1149295,1149296,1149297,1149298,1149299,1149303
CVE References: CVE-2019-11740,CVE-2019-11742,CVE-2019-11743,CVE-2019-11744,CVE-2019-11746,CVE-2019-11752,CVE-2019-11753,CVE-2019-9812
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    MozillaFirefox-60.9.0esr-78.46.2, firefox-glib2-2.54.3-2.11.1, firefox-gtk3-3.10.9-2.12.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2019-09-23 16:11:08 UTC
SUSE-SU-2019:2436-1: An update that solves 8 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1149294,1149295,1149296,1149297,1149298,1149299,1149303,1149304,1149324
CVE References: CVE-2019-11740,CVE-2019-11742,CVE-2019-11743,CVE-2019-11744,CVE-2019-11746,CVE-2019-11752,CVE-2019-11753,CVE-2019-9812
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE OpenStack Cloud 8 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE OpenStack Cloud 7 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Desktop 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Enterprise Storage 5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Enterprise Storage 4 (src):    MozillaFirefox-60.9.0-109.86.1
HPE Helion Openstack 8 (src):    MozillaFirefox-60.9.0-109.86.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2019-10-03 19:12:36 UTC
SUSE-SU-2019:2545-1: An update that fixes 29 vulnerabilities is now available.

Category: security (important)
Bug References: 1109465,1117473,1123482,1124525,1133810,1138688,1140868,1141322,1145665,1149292,1149293,1149294,1149295,1149296,1149297,1149298,1149299,1149302,1149303,1149304,1149323
CVE References: CVE-2019-11710,CVE-2019-11714,CVE-2019-11716,CVE-2019-11718,CVE-2019-11720,CVE-2019-11721,CVE-2019-11723,CVE-2019-11724,CVE-2019-11725,CVE-2019-11727,CVE-2019-11728,CVE-2019-11733,CVE-2019-11735,CVE-2019-11736,CVE-2019-11738,CVE-2019-11740,CVE-2019-11742,CVE-2019-11743,CVE-2019-11744,CVE-2019-11746,CVE-2019-11747,CVE-2019-11748,CVE-2019-11749,CVE-2019-11750,CVE-2019-11751,CVE-2019-11752,CVE-2019-11753,CVE-2019-9811,CVE-2019-9812
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    MozillaFirefox-68.1.0-3.54.2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    MozillaFirefox-68.1.0-3.54.2
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src):    MozillaFirefox-68.1.0-3.54.2, MozillaFirefox-branding-SLE-68-4.8.5
SUSE Linux Enterprise Module for Desktop Applications 15 (src):    MozillaFirefox-68.1.0-3.54.2, MozillaFirefox-branding-SLE-68-4.8.5

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2019-10-05 04:12:40 UTC
openSUSE-SU-2019:2251-1: An update that fixes 29 vulnerabilities is now available.

Category: security (important)
Bug References: 1109465,1117473,1123482,1124525,1133810,1138688,1140868,1141322,1145665,1149292,1149293,1149294,1149295,1149296,1149297,1149298,1149299,1149302,1149303,1149304,1149323
CVE References: CVE-2019-11710,CVE-2019-11714,CVE-2019-11716,CVE-2019-11718,CVE-2019-11720,CVE-2019-11721,CVE-2019-11723,CVE-2019-11724,CVE-2019-11725,CVE-2019-11727,CVE-2019-11728,CVE-2019-11733,CVE-2019-11735,CVE-2019-11736,CVE-2019-11738,CVE-2019-11740,CVE-2019-11742,CVE-2019-11743,CVE-2019-11744,CVE-2019-11746,CVE-2019-11747,CVE-2019-11748,CVE-2019-11749,CVE-2019-11750,CVE-2019-11751,CVE-2019-11752,CVE-2019-11753,CVE-2019-9811,CVE-2019-9812
Sources used:
openSUSE Leap 15.1 (src):    MozillaFirefox-68.1.0-lp151.2.14.1
Comment 9 Swamp Workflow Management 2019-10-06 13:20:29 UTC
openSUSE-SU-2019:2260-1: An update that fixes 29 vulnerabilities is now available.

Category: security (important)
Bug References: 1109465,1117473,1123482,1124525,1133810,1138688,1140868,1141322,1145665,1149292,1149293,1149294,1149295,1149296,1149297,1149298,1149299,1149302,1149303,1149304,1149323
CVE References: CVE-2019-11710,CVE-2019-11714,CVE-2019-11716,CVE-2019-11718,CVE-2019-11720,CVE-2019-11721,CVE-2019-11723,CVE-2019-11724,CVE-2019-11725,CVE-2019-11727,CVE-2019-11728,CVE-2019-11733,CVE-2019-11735,CVE-2019-11736,CVE-2019-11738,CVE-2019-11740,CVE-2019-11742,CVE-2019-11743,CVE-2019-11744,CVE-2019-11746,CVE-2019-11747,CVE-2019-11748,CVE-2019-11749,CVE-2019-11750,CVE-2019-11751,CVE-2019-11752,CVE-2019-11753,CVE-2019-9811,CVE-2019-9812
Sources used:
openSUSE Leap 15.0 (src):    MozillaFirefox-68.1.0-lp150.3.66.1
Comment 10 Alexandros Toptsoglou 2020-02-04 14:44:39 UTC
Closing