
Bug 935550 (CVE-2024-5689, CVE-2024-5694, CVE-2024-5695, CVE-2024-5697, CVE-2024-5698, CVE-2024-5699, CVE-2024-5701, CVE-2024-5702)

Summary: <www-client/firefox{-bin,}-{115.12.0,127.0}: Multiple vulnerabilities
Product: Gentoo Security
Reporter: Christopher Fore <csfore>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: mozilla
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A3 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 935547    

Description Christopher Fore 2024-07-05 13:42:43 UTC
https://www.mozilla.org/en-US/security/advisories/mfsa2024-25/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-26/

The following CVEs only affect rapid (127.0):


CVE-2024-5689:

In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing.


CVE-2024-5694:

An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap.


CVE-2024-5695:

If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred.


CVE-2024-5697:

A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox.


CVE-2024-5698:

By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks.


CVE-2024-5699:

In violation of spec, cookie prefixes such as __Secure were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix.


CVE-2024-5701:

Memory safety bugs present in Firefox 126. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.



The following CVE only affects ESR (115.12.0):


CVE-2024-5702:

Memory corruption in the networking stack could have led to a potentially exploitable crash.


Please refer to the tracker for the CVEs that affect all Mozilla products.
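
The comparison at issue in CVE-2024-5699, as an added example that is not part of the original report and is not Mozilla's or Gentoo's code: a simplified Set-Cookie check run once with a case-sensitive prefix match (the behaviour the CVE text describes) and once with the case-insensitive match the spec requires. The function names, the sample headers and the simplified parser are assumptions; the prefix rules (`__Secure-` needs Secure; `__Host-` needs Secure, no Domain and Path=/) come from the RFC 6265bis draft, not from this page.

```javascript
// Simplified Set-Cookie parser (assumption: attributes split on ';',
// no quoting, expiry or size handling).
function parseSetCookie(line) {
  const [pair, ...attrParts] = line.split(';');
  const eq = pair.indexOf('=');
  const name = (eq === -1 ? '' : pair.slice(0, eq)).trim();
  const attrs = new Map();
  for (const part of attrParts) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    const value = i === -1 ? '' : part.slice(i + 1).trim();
    if (key) attrs.set(key, value);
  }
  return { name, attrs };
}

// caseInsensitive=false models the behaviour described for CVE-2024-5699;
// caseInsensitive=true is the comparison the spec requires.
function acceptCookie(line, { secureOrigin, caseInsensitive }) {
  const { name, attrs } = parseSetCookie(line);
  const probe = caseInsensitive ? name.toLowerCase() : name;
  const hasPrefix = (p) => probe.startsWith(caseInsensitive ? p.toLowerCase() : p);
  const secure = attrs.has('secure') && secureOrigin;

  if (hasPrefix('__Secure-') && !secure) return false;
  if (hasPrefix('__Host-')) {
    if (!secure || attrs.has('domain') || attrs.get('path') !== '/') return false;
  }
  return true;
}

// Constructed sample headers, not taken from any advisory.
const samples = [
  '__Secure-sid=abc; Path=/',                            // Secure missing
  '__secure-sid=abc; Path=/',                            // same, lower-case prefix
  '__HOST-sid=abc; Secure; Domain=example.test; Path=/', // Domain not allowed
  '__Host-sid=abc; Secure; Path=/',                      // well-formed
];

// Returns, per header, whether each comparison mode would store the cookie.
function compare() {
  return samples.map((line) => ({
    line,
    caseSensitive: acceptCookie(line, { secureOrigin: true, caseInsensitive: false }),
    caseInsensitive: acceptCookie(line, { secureOrigin: true, caseInsensitive: true }),
  }));
}

console.table(compare());
```

Rows where the two columns differ are cookies whose prefix guarantees were silently dropped by the case-sensitive match.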
Comment 1 Joonas Niilola gentoo-dev 2024-07-13 08:00:54 UTC
This is done.
Comment 2 Larry the Git Cow gentoo-dev 2024-08-06 05:41:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=4ebaf5fd697ce534e95ea08df9014968d851d710

commit 4ebaf5fd697ce534e95ea08df9014968d851d710
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-08-06 05:40:35 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-08-06 05:41:04 +0000

    [ GLSA 202408-02 ] Mozilla Firefox: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/930380
    Bug: https://bugs.gentoo.org/932374
    Bug: https://bugs.gentoo.org/935550
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202408-02.xml | 110 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 110 insertions(+)