Red Hat Security Advisory 2024-0025-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0025.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:0025-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0025  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.6.0 ESR.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: Potential exposure of uninitialized data in <code>EncryptingOutputStream</code> (CVE-2023-6865)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255361  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255366  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370

Red Hat Security Advisory 2024-0025-03

Red Hat Security Advisory 2024-0021-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0021.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:0021-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0021  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.6.0 ESR.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: Potential exposure of uninitialized data in <code>EncryptingOutputStream</code> (CVE-2023-6865)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255361  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255366  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370

Red Hat Security Advisory 2024-0021-03

Red Hat Security Advisory 2024-0019-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0019.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:0019-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0019  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.6.0 ESR.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: Potential exposure of uninitialized data in <code>EncryptingOutputStream</code> (CVE-2023-6865)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255361  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255366  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370

Red Hat Security Advisory 2024-0019-03

Red Hat Security Advisory 2024-0012-03 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0012.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:0012-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0012  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.6.0 ESR.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: Potential exposure of uninitialized data in <code>EncryptingOutputStream</code> (CVE-2023-6865)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255361  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255366  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370

Red Hat Security Advisory 2024-0012-03

Red Hat Security Advisory 2024-0011-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0011.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:0011-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0011  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.6.0 ESR.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: Potential exposure of uninitialized data in <code>EncryptingOutputStream</code> (CVE-2023-6865)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255361  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255366  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370

Red Hat Security Advisory 2024-0011-03

Red Hat Security Advisory 2024-0005-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0005.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:0005-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0005  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.6.0.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: S/MIME signature accepted despite mismatching message date (CVE-2023-50761)

* Mozilla: Truncated signed text was shown with a valid OpenPGP signature (CVE-2023-50762)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370  
https://bugzilla.redhat.com/show_bug.cgi?id=2255378  
https://bugzilla.redhat.com/show_bug.cgi?id=2255379

Red Hat Security Advisory 2024-0005-03

Red Hat Security Advisory 2024-0004-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0004.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:0004-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0004  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.6.0.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: S/MIME signature accepted despite mismatching message date (CVE-2023-50761)

* Mozilla: Truncated signed text was shown with a valid OpenPGP signature (CVE-2023-50762)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370  
https://bugzilla.redhat.com/show_bug.cgi?id=2255378  
https://bugzilla.redhat.com/show_bug.cgi?id=2255379

Red Hat Security Advisory 2024-0004-03

Red Hat Security Advisory 2024-0002-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0002.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:0002-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0002  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.6.0.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: S/MIME signature accepted despite mismatching message date (CVE-2023-50761)

* Mozilla: Truncated signed text was shown with a valid OpenPGP signature (CVE-2023-50762)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370  
https://bugzilla.redhat.com/show_bug.cgi?id=2255378  
https://bugzilla.redhat.com/show_bug.cgi?id=2255379

Red Hat Security Advisory 2024-0002-03

Red Hat Security Advisory 2024-0001-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0001.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: thunderbird security update  
Advisory ID:        RHSA-2024:0001-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:0001  
Issue date:         2024-01-02  
Revision:           03  
CVE Names:          CVE-2023-6856  
====================================================================

Summary: 

An update for thunderbird is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.6.0.

Security Fix(es):

* Mozilla: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver (CVE-2023-6856)

* Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864)

* Mozilla: S/MIME signature accepted despite mismatching message date (CVE-2023-50761)

* Mozilla: Truncated signed text was shown with a valid OpenPGP signature (CVE-2023-50762)

* Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857)

* Mozilla: Heap buffer overflow in <code>nsTextFragment</code> (CVE-2023-6858)

* Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859)

* Mozilla: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation (CVE-2023-6860)

* Mozilla: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode (CVE-2023-6861)

* Mozilla: Use-after-free in <code>nsDNSService</code> (CVE-2023-6862)

* Mozilla: Undefined behavior in <code>ShutdownObserver()</code> (CVE-2023-6863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-6856

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2255360  
https://bugzilla.redhat.com/show_bug.cgi?id=2255362  
https://bugzilla.redhat.com/show_bug.cgi?id=2255363  
https://bugzilla.redhat.com/show_bug.cgi?id=2255364  
https://bugzilla.redhat.com/show_bug.cgi?id=2255365  
https://bugzilla.redhat.com/show_bug.cgi?id=2255367  
https://bugzilla.redhat.com/show_bug.cgi?id=2255368  
https://bugzilla.redhat.com/show_bug.cgi?id=2255369  
https://bugzilla.redhat.com/show_bug.cgi?id=2255370  
https://bugzilla.redhat.com/show_bug.cgi?id=2255378  
https://bugzilla.redhat.com/show_bug.cgi?id=2255379

Red Hat Security Advisory 2024-0001-03

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

December was a hectic month for updates as firms including Apple and Google rushed to get patches out to fix serious flaws in their products before the holiday break.

Enterprise software giants also issued their fair share of patches, with Atlassian and SAP squashing several critical bugs during December.

Here’s what you need to know about the important updates you might have missed during the month.

Apple iOS

In mid-December, Apple released iOS 17.2, a major point upgrade containing features such as the Journal app, as well as 12 security patches. Among the flaws fixed in iOS 17.2 is CVE-2023-42890, an issue in the WebKit browser engine that could allow an attacker to execute code.

Another flaw in the iPhone’s Kernel, tracked as CVE-2023-4291, could see an app break out of its secure sandbox, Apple wrote on its support page. Meanwhile, two vulnerabilities in ImageIO, CVE-2023-42898 and CVE-2023-42899, could lead to code execution.

The iOS 17.2 update also put a mechanism in place to prevent a Bluetooth attack using a penetration testing device called Flipper Zero, according to tests by ZDNET and 9to5Mac. The annoying denial of service cyber-assault could cause a flurry of pop ups to appear on an iPhone and eventually lock up the device.

Apple also released iOS 16.7.3, Safari 17.2, macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2, tvOS 17.2 and watchOS 10.2.

Just one week after releasing iOS 17.2, Apple issued iOS 17.2.1 and iOS 16.7.4 for older devices, alongside macOS Sonoma 14.2.1. The surprise iPhone update contains unspecified bug and security fixes, while the macOS patch fixes a single flaw tracked as CVE-2023-42940.

Google Android

The Google Android December Security Bulletin was a hefty one, fixing nearly 100 security issues. The update includes patches for two critical issues in the Framework, the most severe of which could lead to remote escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation, Google said.

CVE-2023-40088 is a critical flaw in the System that could lead to remote code execution, while CVE-2023-40078 is an elevation of privilege bug rated as having a high impact.

Google has also issued an update for its smart device WearOS platform, fixing CVE-2023-40094, an elevation of privilege flaw. The Pixel Security Bulletin has not been posted at the time of writing.

Google Chrome

Google ended a bumper December of updates in style with an emergency fix for its Chrome browser. The eighth zero-day vulnerability impacting Chrome in 2024, CVE-2023-7024 is a heap buffer overflow issue in the open source WebRTC component. Google is “aware that an exploit for CVE-2023-7024 exists in the wild,” the browser maker said in an advisory.

It wasn’t the first fix released by Google in December. The software giant also issued a Chrome patch mid-month to fix nine security issues. Of the flaws reported by external researchers, five are rated as having a high severity, including CVE-2023-6702, a type confusion flaw in V8, and four use-after-free bugs.

Earlier in the month Google released Chrome 120, fixing 10 security flaws, including two rated as having a high severity. CVE-2023-6508 is a use-after-free bug in Media Stream, while CVE-2023-6509 is a use-after-free issue in Side Panel Search.

Microsoft

Microsoft’s December Patch Tuesday fixes over 30 vulnerabilities including several remote code execution (RCE) flaws. Among the critical fixes is CVE-2023-36019, a spoofing vulnerability in Microsoft Power Platform Connector with a CVSS score of 9.6. The issue could see an attacker manipulate a malicious link, app, or file to trick the victim. However, you would have to click on a specially crafted URL to be compromised.

Meanwhile, CVE-2023-35628 is a Windows MSHTML Platform RCE bug rated as critical with a CVSS score of 8.1. “The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client,” Microsoft said, adding that this could lead to exploitation before the email is viewed in the Preview Pane.

It was a fairly light Patch Tuesday, and none of the issues fixed in the month’s update cycle are known to have been exploited, but it still makes sense to apply the fixes as soon as you can.

Mozilla Firefox

Mozilla has fixed 18 security vulnerabilities in its Firefox browser, a third of which are rated as having a high severity. Of these, CVE-2023-6856 is a heap-buffer-overflow issue affecting WebGL DrawElementsInstanced method with Mesa VM driver that could allow an attacker to perform remote code execution and sandbox escape.

Meanwhile, Mozilla has also fixed memory safety bugs tracked as CVE-2023-6864 and CVE-2023-6873. “Some of these bugs showed evidence of memory corruption and we presume that with enough effort \[they\] could have been exploited to run arbitrary code,” Mozilla said.

Apache

The Apache Software Foundation has issued a patch for a flaw in its Struts 2 open source developer framework. Tracked as CVE-2023-50164, the issue is rated as critical with a CVSS score of 9.8.

Using the vulnerability, an attacker could manipulate file upload parameters to enable paths traversal. Under some circumstances, this could lead to uploading a malicious file and be used to perform RCE, according to a security advisory.

To fix the flaw, it’s important to upgrade to Struts 2.5.33 or Struts 6.3.0.2 as soon as possible.

Atlassian

Enterprise software giant Atlassian has issued a patch to fix critical RCE vulnerabilities in its Confluence Data Center and Server. Tracked as CVE-2023-22522, the template injection vulnerability allows an authenticated attacker to inject unsafe user input into a Confluence page. “Using this approach, an attacker is able to achieve RCE on an affected instance,” Atlassian said in an advisory.

Marked as critical with a CVSS score of 9, the bug affects all versions including and after 4.0.0 of Confluence Data Center and Server. Atlassian “recommends patching to the latest version or a fixed LTS version” to address the issue.

Other patches released by Atlassian during the month include a fix for an RCE vulnerability in the Atlassian macOS app, an RCE bug in Assets Discovery, and a SnakeYAML library RCE issue impacting multiple products.

SAP

Business software maker SAP has released its December Security Patch Day, fixing several serious security flaws. The most critical, with a CVSS score of 9.1, are four escalation-of-privilege bugs in SAP Business Technology Platform tracked as CVE-2023-49583, CVE-2023-50422, CVE-2023-50423, and CVE-2023-50424.

“It allows an unauthenticated attacker to obtain arbitrary permissions within the application leading to high impact on the application’s confidentiality and integrity,” security firm Onapsis said.

Meanwhile, CVE-2023-42481 is an improper access control vulnerability in SAP Commerce Cloud with a CVSS score of 8.1. “This allows a user who is actually blocked to regain access to the application, leading to considerable impact on confidentiality and integrity,” according to Onapsis.

Tag

#buffer_overflow