Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 927559 (CVE-2024-29943, CVE-2024-29944) - <www-client/firefox-{bin,}-{115.9.1,124.0.1}: multiple vulnerabilities
Summary: <www-client/firefox-{bin,}-{115.9.1,124.0.1}: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2024-29943, CVE-2024-29944
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major
Assignee: Gentoo Security
URL: https://www.mozilla.org/en-US/securit...
Whiteboard: A2 [glsa+]
Keywords:
: 927626 (view as bug list)
Depends on: 927661 928347
Blocks:
  Show dependency tree
 
Reported: 2024-03-22 22:11 UTC by Christopher Fore
Modified: 2024-07-06 07:12 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christopher Fore 2024-03-22 22:11:01 UTC 
CVE-2024-29943:

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1.


CVE-2024-29944:

An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox < 124.0.1 and Firefox ESR < 115.9.1.
Comment 1 Joonas Niilola gentoo-dev 2024-03-23 16:37:32 UTC 
*** Bug 927626 has been marked as a duplicate of this bug. ***
Comment 2 Larry the Git Cow gentoo-dev 2024-03-23 17:02:47 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d8557d20e509d1492e659aea36f2c12bb9c0691a

commit d8557d20e509d1492e659aea36f2c12bb9c0691a
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2024-03-23 17:01:20 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2024-03-23 17:02:44 +0000

    www-client/firefox: add 124.0.1
    
     - since an upgrade to profile 23.0 breaks elf-hack=legacy, use elf-hack=relr
       even with gcc now. "-z,pack-relative-relocs" will be handled later, but it
       is enabled by the build system's elf-hack=relr already.
    
    Bug: https://bugs.gentoo.org/916405
    Bug: https://bugs.gentoo.org/927559
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 www-client/firefox/Manifest               |  100 ++
 www-client/firefox/firefox-124.0.1.ebuild | 1421 +++++++++++++++++++++++++++++
 2 files changed, 1521 insertions(+)
Comment 3 Larry the Git Cow gentoo-dev 2024-03-23 20:49:49 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=62c46990c64099e750d9339d7e0971fbd2f55d3f

commit 62c46990c64099e750d9339d7e0971fbd2f55d3f
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2024-03-23 20:47:56 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2024-03-23 20:49:46 +0000

    www-client/firefox: add 115.9.1
    
     - with profile 23.0 elf-hack=legacy is broken with gcc. With Firefox-115esr
       elf-hack=relr isn't available (only in rapid). Solution: Disable build
       system's elf-hack completely, and add "-z,pack-relative-relocs" manually
       with gcc.
    
    Bug: https://bugs.gentoo.org/916405
    Bug: https://bugs.gentoo.org/927559
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 www-client/firefox/Manifest               |  100 +++
 www-client/firefox/firefox-115.9.1.ebuild | 1394 +++++++++++++++++++++++++++++
 2 files changed, 1494 insertions(+)
Comment 4 Larry the Git Cow gentoo-dev 2024-03-24 17:39:18 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7b392831019eb177fc3579e62343c251067d0ec8

commit 7b392831019eb177fc3579e62343c251067d0ec8
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2024-03-24 17:37:30 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2024-03-24 17:39:15 +0000

    mail-client/thunderbird: handle "-z,pack-relative-relocs" like in ff
    
    Closes: https://bugs.gentoo.org/916405
    Closes: https://bugs.gentoo.org/927559
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird/thunderbird-115.9.0.ebuild | 28 +++++++---------------
 1 file changed, 8 insertions(+), 20 deletions(-)
Comment 5 Joonas Niilola gentoo-dev 2024-03-24 17:42:06 UTC 
Woops.
Comment 6 John Witch 2024-04-24 03:08:09 UTC Comment hidden (spam)
Comment 7 Larry the Git Cow gentoo-dev 2024-07-06 07:11:57 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=212a4b375c557073cdfba6c10bc0bf6cb57b54c6

commit 212a4b375c557073cdfba6c10bc0bf6cb57b54c6
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-07-06 07:11:46 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-07-06 07:11:55 +0000

    [ GLSA 202407-22 ] Mozilla Firefox: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/927559
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202407-22.xml | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 72 insertions(+)