Ubuntu Security Notice USN-6779-1
2024-5-22 00:35:18 Author: packetstormsecurity.com(查看原文) 阅读量:26 收藏 
==========================================================================
Ubuntu Security Notice USN-6779-1
May 21, 2024
firefox vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in Firefox.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-4767,
CVE-2024-4768, CVE-2024-4769, CVE-2024-4771, CVE-2024-4772, CVE-2024-4773,
CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777, CVE-2024-4778)
Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory
when audio input connected with multiple consumers. An attacker could
potentially exploit this issue to cause a denial of service, or execute
arbitrary code. (CVE-2024-4764)
Thomas Rinsma discovered that Firefox did not properly handle type check
when handling fonts in PDF.js. An attacker could potentially exploit this
issue to execute arbitrary javascript code in PDF.js. (CVE-2024-4367)
Irvan Kurniawan discovered that Firefox did not properly handle certain
font styles when saving a page to PDF. An attacker could potentially
exploit this issue to cause a denial of service. (CVE-2024-4770)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
  firefox                         126.0+build2-0ubuntu0.20.04.1
After a standard system update you need to restart Firefox to make all the
necessary changes.
References:
  https://ubuntu.com/security/notices/USN-6779-1
  CVE-2024-4367, CVE-2024-4764, CVE-2024-4767, CVE-2024-4768,
  CVE-2024-4769, CVE-2024-4770, CVE-2024-4771, CVE-2024-4772,
  CVE-2024-4773, CVE-2024-4774, CVE-2024-4775, CVE-2024-4776,
  CVE-2024-4777, CVE-2024-4778
Package Information:
  https://launchpad.net/ubuntu/+source/firefox/126.0+build2-0ubuntu0.20.04.1

文章来源: https://packetstormsecurity.com/files/178650/USN-6779-1.txt
如有侵权请联系:admin#unsafe.sh