** Information type changed from Private Security to Public Security
** Changed in: firefox (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1896722
Title:
Mozilla Firefox Multiple Arbitrary Code Execution Vulnerabilities
Status in firefox package in Ubuntu:
Confirmed
Bug description:
Hi Ubuntu Launchpad Team,
Multiple vulnerabilities have been reported in Mozilla Firefox, which
can be exploited by malicious people to compromise a vulnerable
system.
1. Some errors related to memory safety can be exploited to corrupt
memory.
2. Some further errors related to memory safety can be exploited to
corrupt memory.
3. A use-after-free error in WebGL when processing surfaces can be
exploited to corrupt memory.
Successful exploitation of the vulnerabilities #1 through #3 may allow
execution of arbitrary code.
The vulnerabilities are reported in versions prior to 81.
Affected version: Mozilla Firefox 80.x
Reference: https://www.mozilla.org/en-
US/security/advisories/mfsa2020-42
Found in: Ubuntu 16, Ubuntu 18
Please provide an appropriate upgrade.
Thanks,
it0001
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1896722/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
