mozilla
/
foundation-security-advisories
зеркало из https://github.com/mozilla/foundation-security-advisories.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Add advisories for 108/102.6 and correct the advisories for 105/106/107

This commit is contained in:
Tom Ritter 2022-12-09 11:52:24 -05:00
Родитель 5fb74a3e54
Коммит 6b426b0602
6 изменённых файлов: 259 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

10
announce/2022/mfsa2022-40.yml
Просмотреть файл

@ -4,6 +4,8 @@ impact: high
fixed_in:
- Firefox 105
title: Security Vulnerabilities fixed in Firefox 105
description: |
This advisory was updated December 13, 2022 to add CVE-2022-46880. This fix was included in the original release of Firefox 105, but did not appear in the advisory published at that time.
advisories:
CVE-2022-3266:
title: Out of bounds read when decoding H264
@ -29,6 +31,14 @@ advisories:
Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash.
bugs:
- url: 1787633
CVE-2022-46880:
title: Use-after-free in WebGL
impact: high
reporter: Atte Kettunen
description: |
A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105.
bugs:
- url: 1749292
CVE-2022-40958:
title: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
impact: moderate

27
announce/2022/mfsa2022-44.yml
Просмотреть файл

@ -4,6 +4,8 @@ impact: high
fixed_in:
- Firefox 106
title: Security Vulnerabilities fixed in Firefox 106
description: |
This advisory was updated December 13, 2022 to add CVE-2022-46881 and CVE-2022-46885. Both fixes were included in the original release of Firefox 106, but did not appear in the advisory published at that time.
advisories:
CVE-2022-42927:
title: Same-origin policy violation could have leaked cross-origin URLs
@ -21,6 +23,14 @@ advisories:
Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption and a potentially exploitable crash.
bugs:
- url: 1791520
CVE-2022-46881:
title: Memory corruption in WebGL
impact: high
reporter: Karl and an Anonymous ASAN Nightly User
description: |
An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106.
bugs:
- url: 1770930
CVE-2022-42929:
title: Denial of Service via window.print
impact: moderate
@ -29,6 +39,14 @@ advisories:
If a website called <code>window.print()</code> in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings.
bugs:
- url: 1789439
CVE-2022-42930:
title: Potential use-after-free in SVG Images
impact: moderate
reporter: Timothy Nikkel
description: |
A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106.
bugs:
- url: 1786818
CVE-2022-42930:
title: Race condition in DOM Workers
impact: moderate
@ -54,3 +72,12 @@ advisories:
bugs:
- url: 1789729, 1791363, 1792041
desc: Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4
CVE-2022-46885:
title: Memory safety bugs fixed in Firefox 106
impact: moderate
reporter: Mozilla developers
description: |
Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
bugs:
- url: 1786818, 1789729, 1791363, 1792041
desc: Memory safety bugs fixed in Firefox 106

19
announce/2022/mfsa2022-47.yml
Просмотреть файл

@ -4,6 +4,8 @@ impact: high
fixed_in:
- Firefox 107
title: Security Vulnerabilities fixed in Firefox 107
description: |
This advisory was updated December 13, 2022 to add CVE-2022-46882 and CVE-2022-46883. Both fixes were included in the original release of Firefox 107, but did not appear in the advisory published at that time.
advisories:
CVE-2022-45403:
title: Service Workers might have learned size of cross-origin media files
@ -133,6 +135,14 @@ advisories:
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks.
bugs:
- url: 1795815
CVE-2022-46882:
title: Use-after-free in WebGL
impact: moderate
reporter: Irvan Kurniawan
description: |
A use-after-free in WebGL extensions could have led to a potentially exploitable crash.<br />*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 107.
bugs:
- url: 1789371
CVE-2022-45419:
title: Deleting a security exception did not take effect immediately
impact: low
@ -158,3 +168,12 @@ advisories:
bugs:
- url: 1767920, 1789808, 1794061
desc: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
CVE-2022-46883:
title: Memory safety bugs fixed in Firefox 107
impact: high
reporter: Mozilla developers
description: |
Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107.
bugs:
- url: 1584674, 1791152, 1792241, 1792984, 1793127, 1794645
desc: Memory safety bugs fixed in Firefox 107

73
announce/2022/mfsa2022-51.yml Normal file
Просмотреть файл

@ -0,0 +1,73 @@
## mfsa2022-51.yml
announced: December 13, 2022
impact: high
fixed_in:
- Firefox 108
title: Security Vulnerabilities fixed in Firefox 108
advisories:
CVE-2022-46871:
title: libusrsctp library out of date
impact: high
reporter: Mozilla Developers
description: |
An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited.
bugs:
- url: 1795697
CVE-2022-46872:
title: Arbitrary file read from a compromised content process
impact: high
reporter: Nika Layzell
description: |
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Firefox for Linux. Other operating systems are unaffected.*
bugs:
- url: 1799156
CVE-2022-46873:
title: Firefox did not implement the CSP directive unsafe-hashes
impact: moderate
reporter: Pete Freitag
description: |
Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This would be severely constrained by the specified Content Security Policy of the document.
bugs:
- url: 1644790
CVE-2022-46874:
title: Drag and Dropped Filenames could have been truncated to malicious extensions
impact: moderate
reporter: Matthias Zoellner
description: |
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could have potentially led to user confusion and the execution of malicious code.
bugs:
- url: 1746139
CVE-2022-46875:
title: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
impact: moderate
reporter: Dohyun Lee
description: |
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*
bugs:
- url: 1786188
CVE-2022-46877:
title: Fullscreen notification bypass
impact: low
reporter: Hafiizh
description: |
By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks.
bugs:
- url: 1795139
CVE-2022-46878:
title: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
impact: high
reporter: Mozilla developers
description: |
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107 and Firefox ESR 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
bugs:
- url: 1782219, 1797370, 1797685, 1801102, 1801315, 1802395
desc: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
CVE-2022-46879:
title: Memory safety bugs fixed in Firefox 108
impact: high
reporter: Mozilla developers and community
description: |
Mozilla developers and community members Lukas Bernhard, Gabriele Svelto, Randell Jesup, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
bugs:
- url: 1736224, 1793407, 1794249, 1795845, 1797682, 1797720, 1798494, 1799479
desc: Memory safety bugs fixed in Firefox 108

64
announce/2022/mfsa2022-52.yml Normal file
Просмотреть файл

@ -0,0 +1,64 @@
## mfsa2022-52.yml
announced: December 13, 2022
impact: high
fixed_in:
- Firefox ESR 102.6
title: Security Vulnerabilities fixed in Firefox ESR 102.6
advisories:
CVE-2022-46880:
title: Use-after-free in WebGL
impact: high
reporter: Atte Kettunen
description: |
A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.
bugs:
- url: 1749292
CVE-2022-46872:
title: Arbitrary file read from a compromised content process
impact: high
reporter: Nika Layzell
description: |
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Firefox for Linux. Other operating systems are unaffected.*
bugs:
- url: 1799156
CVE-2022-46881:
title: Memory corruption in WebGL
impact: high
reporter: Karl and an Anonymous ASAN Nightly User
description: |
An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash.
bugs:
- url: 1770930
CVE-2022-46874:
title: Drag and Dropped Filenames could have been truncated to malicious extensions
impact: moderate
reporter: Matthias Zoellner
description: |
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.
bugs:
- url: 1746139
CVE-2022-46875:
title: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
impact: moderate
reporter: Dohyun Lee
description: |
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*
bugs:
- url: 1786188
CVE-2022-46882:
title: Use-after-free in WebGL
impact: moderate
reporter: Irvan Kurniawan
description: |
A use-after-free in WebGL extensions could have led to a potentially exploitable crash.
bugs:
- url: 1789371
CVE-2022-46878:
title: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
impact: high
reporter: Mozilla developers
description: |
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107 and Firefox ESR 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
bugs:
- url: 1782219, 1797370, 1797685, 1801102, 1801315, 1802395
desc: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6

66
announce/2022/mfsa2022-53.yml Normal file
Просмотреть файл

@ -0,0 +1,66 @@
## mfsa2022-52.yml
announced: December 13, 2022
impact: high
fixed_in:
- Thunderbird 102.6
title: Security Vulnerabilities fixed in Thunderbird 102.6
description: |
*In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts.*
advisories:
CVE-2022-46880:
title: Use-after-free in WebGL
impact: high
reporter: Atte Kettunen
description: |
A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.
bugs:
- url: 1749292
CVE-2022-46872:
title: Arbitrary file read from a compromised content process
impact: high
reporter: Nika Layzell
description: |
An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.<br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*
bugs:
- url: 1799156
CVE-2022-46881:
title: Memory corruption in WebGL
impact: high
reporter: Karl and an Anonymous ASAN Nightly User
description: |
An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash.
bugs:
- url: 1770930
CVE-2022-46874:
title: Drag and Dropped Filenames could have been truncated to malicious extensions
impact: moderate
reporter: Matthias Zoellner
description: |
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.
bugs:
- url: 1746139
CVE-2022-46875:
title: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
impact: moderate
reporter: Dohyun Lee
description: |
The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*
bugs:
- url: 1786188
CVE-2022-46882:
title: Use-after-free in WebGL
impact: moderate
reporter: Irvan Kurniawan
description: |
A use-after-free in WebGL extensions could have led to a potentially exploitable crash.
bugs:
- url: 1789371
CVE-2022-46878:
title: Memory safety bugs fixed in Thunderbird 102.6
impact: high
reporter: Mozilla developers
description: |
Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
bugs:
- url: 1782219, 1797370, 1797685, 1801102, 1801315, 1802395
desc: Memory safety bugs fixed in Thunderbird 102.6