Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 730626 (CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421) - [Tracker] Multiple vulnerabilities in Mozilla Products (CVE-2020-{12417,12418,12419,12420,12421})
Summary: [Tracker] Multiple vulnerabilities in Mozilla Products (CVE-2020-{12417,12418...
Status: RESOLVED FIXED
Alias: CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.mozilla.org/en-US/securit...
Whiteboard:
Keywords:
Depends on: CVE-2020-12402, CVE-2020-12415, CVE-2020-12416, CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426, MFSA-2020-25 MFSA-2020-0001
Blocks:
  Show dependency tree
 
Reported: 2020-07-03 19:28 UTC by John Helmert III
Modified: 2020-07-27 20:55 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-07-03 19:28:40 UTC
CVE-2020-12417:

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash.
Note: this issue only affects Firefox on ARM64 platforms.

CVE-2020-12418:

Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript.

CVE-2020-12419:

When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash.

CVE-2020-12420:

When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash.

CVE-2020-12421:

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user.