Security update for MozillaFirefox SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:3837-1 Final 1 1 2023-09-27T17:27:28Z current 2023-09-27T17:27:28Z 2023-09-27T17:27:28Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for MozillaFirefox This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.3.0 ESR (MFSA 2023-42, bsc#1215575): Security fixes: - CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1 (bmo#1846683). - CVE-2023-5169: Out-of-bounds write in PathOps (bmo#1846685). - CVE-2023-5171: Use-after-free in Ion Compiler (bmo#1851599). - CVE-2023-5174: Double-free in process spawning on Windows (bmo#1848454). - CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195). Other fixes: - Fix broken build with newer binutils (bsc#1215309) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2023-3837,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2023-3837,SUSE-2023-3837,SUSE-SLE-SDK-12-SP5-2023-3837,SUSE-SLE-SERVER-12-SP5-2023-3837 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20233837-1/ Link for SUSE-SU-2023:3837-1 https://lists.suse.com/pipermail/sle-updates/2023-September/031728.html E-Mail link for SUSE-SU-2023:3837-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1215309 SUSE Bug 1215309 https://bugzilla.suse.com/1215575 SUSE Bug 1215575 https://www.suse.com/security/cve/CVE-2023-5168/ SUSE CVE CVE-2023-5168 page https://www.suse.com/security/cve/CVE-2023-5169/ SUSE CVE CVE-2023-5169 page https://www.suse.com/security/cve/CVE-2023-5171/ SUSE CVE CVE-2023-5171 page https://www.suse.com/security/cve/CVE-2023-5174/ SUSE CVE CVE-2023-5174 page https://www.suse.com/security/cve/CVE-2023-5176/ SUSE CVE CVE-2023-5176 page Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 MozillaFirefox-115.3.0-112.182.1 MozillaFirefox-branding-upstream-115.3.0-112.182.1 MozillaFirefox-devel-115.3.0-112.182.1 MozillaFirefox-translations-common-115.3.0-112.182.1 MozillaFirefox-translations-other-115.3.0-112.182.1 MozillaFirefox-115.3.0-112.182.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production MozillaFirefox-115.3.0-112.182.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production MozillaFirefox-115.3.0-112.182.1 as a component of SUSE Linux Enterprise Server 12 SP5 MozillaFirefox-devel-115.3.0-112.182.1 as a component of SUSE Linux Enterprise Server 12 SP5 MozillaFirefox-translations-common-115.3.0-112.182.1 as a component of SUSE Linux Enterprise Server 12 SP5 MozillaFirefox-115.3.0-112.182.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox-devel-115.3.0-112.182.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox-translations-common-115.3.0-112.182.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox-devel-115.3.0-112.182.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. CVE-2023-5168 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233837-1/ https://www.suse.com/security/cve/CVE-2023-5168.html CVE-2023-5168 https://bugzilla.suse.com/1215575 SUSE Bug 1215575 A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. CVE-2023-5169 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233837-1/ https://www.suse.com/security/cve/CVE-2023-5169.html CVE-2023-5169 https://bugzilla.suse.com/1215575 SUSE Bug 1215575 During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. CVE-2023-5171 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233837-1/ https://www.suse.com/security/cve/CVE-2023-5171.html CVE-2023-5171 https://bugzilla.suse.com/1215575 SUSE Bug 1215575 If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. CVE-2023-5174 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233837-1/ https://www.suse.com/security/cve/CVE-2023-5174.html CVE-2023-5174 https://bugzilla.suse.com/1215575 SUSE Bug 1215575 Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. CVE-2023-5176 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.3.0-112.182.1 SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.3.0-112.182.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233837-1/ https://www.suse.com/security/cve/CVE-2023-5176.html CVE-2023-5176 https://bugzilla.suse.com/1215575 SUSE Bug 1215575