#13354: firefox-68.6.1 (0days: CVE-2020-6819 CVE-2020-6820)
-------------------------+-----------------------
Reporter: renodr | Owner: blfs-book
Type: enhancement | Status: new
Priority: highest | Milestone: 9.2
Component: BOOK | Version: SVN
Severity: normal | Keywords:
-------------------------+-----------------------
New point version
{{{
Mozilla Foundation Security Advisory 2020-11
Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1
Announced
April 3, 2020
Impact
critical
Products
Firefox, Firefox ESR
Fixed in
Firefox 74.0.1
Firefox ESR 68.6.1
#CVE-2020-6819: Use-after-free while running the nsDocShell destructor
Reporter
Francisco Alonso @revskills working with Javier Marcos of @JMPSec
Impact
critical
Description
Under certain conditions, when running the nsDocShell destructor, a race
condition can cause a use-after-free. We are aware of targeted attacks in
the wild abusing this flaw.
References
Bug 1620818
#CVE-2020-6820: Use-after-free when handling a ReadableStream
Reporter
Francisco Alonso @revskills working with Javier Marcos of @JMPSec
Impact
critical
Description
Under certain conditions, when handling a ReadableStream, a race condition
can cause a use-after-free. We are aware of targeted attacks in the wild
abusing this flaw.
References
Bug 1626728
}}}
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/13354>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
