Vulnerability CVE-2023-25745: Information

Description

Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-25745
Published: June 2, 2023
Modified: Nov. 7, 2023
Error type identifier: CWE-787

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus110.0.1-alt1127.0-alt1ALT-PU-2023-1387-1316159Fixed
firefoxsisyphus_riscv64110.0.1-alt0.1.rv64126.0-alt0.portALT-PU-2023-2788-1-Fixed
firefoxp10110.0.1-alt0.p10.1118.0.2-alt0.p10.1ALT-PU-2023-1478-1316337Fixed
firefoxc10f1110.0.1-alt0.p10.1112.0.2-alt0.p10.1ALT-PU-2023-1478-1316337Fixed
firefoxp11110.0.1-alt1126.0.1-alt1ALT-PU-2023-1387-1316159Fixed
firefox-esrsisyphus115.2.1-alt1115.11.0-alt1ALT-PU-2023-5754-2329883Fixed
firefox-esrp10115.3.1-alt4115.11.0-alt1ALT-PU-2023-6436-2330014Fixed
firefox-esrc10f1115.8.0-alt0.c10.1115.9.1-alt0.c10.1ALT-PU-2024-3614-2340631Fixed
firefox-esrp11115.2.1-alt1115.11.0-alt1ALT-PU-2023-5754-2329883Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1688592%2C1797186%2C1804998%2C1806521%2C1813284
  • Issue Tracking
  • Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2023-05/
  • Vendor Advisory

    1. Configuration 1

      cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
      End excliding
      110.0
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top