Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#13354 closed enhancement (fixed)

firefox-68.6.1 (0days: CVE-2020-6819 CVE-2020-6820)

Reported by: Douglas R. Reno
Owned by: ken@…
Priority: highest
Milestone: 10.0
Component: BOOK
Version: SVN
Severity: normal
Keywords:
Cc:

Description

New point version

Mozilla Foundation Security Advisory 2020-11
Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1

Announced
    April 3, 2020
Impact
    critical
Products
    Firefox, Firefox ESR
Fixed in
    Firefox 74.0.1
    Firefox ESR 68.6.1

CVE-2020-6819: Use-after-free while running the nsDocShell destructor

Reporter
    Francisco Alonso @revskills working with Javier Marcos of @JMPSec
Impact
    critical

Description

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw.
References

    Bug 1620818

CVE-2020-6820: Use-after-free when handling a ReadableStream

Reporter
    Francisco Alonso @revskills working with Javier Marcos of @JMPSec
Impact
    critical

Description

Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw.
References

    Bug 1626728

Change History (6)

comment:1 by ken@…, 3 years ago

Owner: changed from blfs-book to ken@…
Status: new → assigned

comment:2 by ken@…, 3 years ago

Perhaps this means that 68.7.0 (due on Tuesday) will not have any security fixes.

comment:3 by ken@…, 3 years ago

In view of the urgency, I'll keep the buildsize and time measurements unaltered since I have not updated my 4-core machine to current rustc yet.

r22942.

comment:4 by ken@…, 3 years ago

Resolution: fixed
Status: assigned → closed

comment:5 by Bruce Dubbs, 3 years ago

Milestone: 9.2 → 10,0

Milestone renamed

comment:6 by Bruce Dubbs, 3 years ago

Milestone: 10,0 → 10.0

Milestone renamed
