937467 – (CVE-2024-7530) <www-client/firefox{-bin,}-{115.14.0,129.0}: multiple vulnerabilities

Bug 937467 (CVE-2024-7530) - <www-client/firefox{-bin,}-{115.14.0,129.0}: multiple vulnerabilities

Summary: <www-client/firefox{-bin,}-{115.14.0,129.0}: multiple vulnerabilities

Status:	CONFIRMED

Alias:	CVE-2024-7530

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal major
Assignee:	Gentoo Security

URL:	https://www.mozilla.org/en-US/securit...
Whiteboard:	A2 [glsa]
Keywords:

Depends on:	937516
Blocks:	CVE-2024-7518, CVE-2024-7519, CVE-2024-7520, CVE-2024-7521, CVE-2024-7522, CVE-2024-7523, CVE-2024-7524, CVE-2024-7525, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7531, MFSA2024-33, MFSA2024-34, MFSA2024-35, MFSA2024-38
	Show dependency tree

Reported:	2024-08-06 23:55 UTC by Christopher Fore
Modified:	2024-10-09 07:18 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Christopher Fore 2024-08-06 23:55:38 UTC

The following CVEs only affect www-client/firefox:rapid:


CVE-2024-7530:

Incorrect garbage collection interaction could have led to a use-after-free.


Please refer to the tracker for the CVEs that affect all Mozilla products.

Comment 1 Joonas Niilola gentoo-dev

2024-10-09 07:18:02 UTC

Tree is clean for these versions.