{"id":"MGASA-2023-0111","summary":"Updated firefox packages fix security vulnerability","details":"Sometimes, when invalidating JIT code while following an iterator, the newly\ngenerated code could be overwritten incorrectly. This could lead to a\npotentially exploitable crash (CVE-2023-25751).\n\nWhen accessing throttled streams, the count of available bytes needed to be\nchecked in the calling function to be within bounds. This may have led\nfuture code to be incorrect and vulnerable (CVE-2023-25752).\n\nWhile implementing AudioWorklets, some code may have cast one type to\nanother, invalid, dynamic type. This could have led to a potentially\nexploitable crash (CVE-2023-28162).\n\nDragging a URL from a cross-origin iframe that was removed during the drag\ncould have led to user confusion and website spoofing attacks\n(CVE-2023-28164).\n\nMozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing\nTeam reported memory safety bugs present in Firefox ESR 102.8. Some of these\nbugs showed evidence of memory corruption and we presume that with enough\neffort some of these could have been exploited to run arbitrary code\n(CVE-2023-28176).\n","modified":"2026-02-01T05:45:17.259492Z","published":"2023-03-24T05:55:49Z","related":["CVE-2023-25751","CVE-2023-25752","CVE-2023-28162","CVE-2023-28164","CVE-2023-28176"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0111.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31663"},{"type":"REPORT","url":"https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/HcRrYgEdGIo"},{"type":"REPORT","url":"https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_89.html"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/"}],"affected":[{"package":{"name":"firefox","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"102.9.0-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0111.json"}},{"package":{"name":"firefox-l10n","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"102.9.0-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0111.json"}},{"package":{"name":"nss","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/nss?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.89.0-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0111.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}