SUSE update for MozillaFirefox
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU70145
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46871
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in libusrsctp. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package MozillaFirefox to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP2 - 15-SP3
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP4
SUSE Linux Enterprise Realtime Extension: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP4
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
MozillaFirefox-translations-other: before 102.7.0-150200.152.73.1
MozillaFirefox-translations-common: before 102.7.0-150200.152.73.1
MozillaFirefox-devel: before 102.7.0-150200.152.73.1
MozillaFirefox-debugsource: before 102.7.0-150200.152.73.1
MozillaFirefox-debuginfo: before 102.7.0-150200.152.73.1
MozillaFirefox-branding-upstream: before 102.7.0-150200.152.73.1
MozillaFirefox: before 102.7.0-150200.152.73.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20230113-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Insufficient UI Warning of Dangerous Operations
EUVDB-ID: #VU70154
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46877
CWE-ID:
CWE-357 - Insufficient UI Warning of Dangerous Operations
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to the way fullscreen notifications are displayed by the browser. A remote attacker can confuse browser to delay or suppress fullscreen notifications and perform spoofing attack.
Update the affected package MozillaFirefox to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP2 - 15-SP3
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP4
SUSE Linux Enterprise Realtime Extension: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP4
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
MozillaFirefox-translations-other: before 102.7.0-150200.152.73.1
MozillaFirefox-translations-common: before 102.7.0-150200.152.73.1
MozillaFirefox-devel: before 102.7.0-150200.152.73.1
MozillaFirefox-debugsource: before 102.7.0-150200.152.73.1
MozillaFirefox-debuginfo: before 102.7.0-150200.152.73.1
MozillaFirefox-branding-upstream: before 102.7.0-150200.152.73.1
MozillaFirefox: before 102.7.0-150200.152.73.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20230113-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU71224
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-23598
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to read arbitrary files on the system.
The vulnerability exists due to improperly imposed security restrictions with the Firefox GTK wrapper. A remote attacker can trick the victim to perform certain actions on the web page, such as drag objects and read arbitrary files on the system via a call to DataTransfer.setData.
Update the affected package MozillaFirefox to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP2 - 15-SP3
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP4
SUSE Linux Enterprise Realtime Extension: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP4
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
MozillaFirefox-translations-other: before 102.7.0-150200.152.73.1
MozillaFirefox-translations-common: before 102.7.0-150200.152.73.1
MozillaFirefox-devel: before 102.7.0-150200.152.73.1
MozillaFirefox-debugsource: before 102.7.0-150200.152.73.1
MozillaFirefox-debuginfo: before 102.7.0-150200.152.73.1
MozillaFirefox-branding-upstream: before 102.7.0-150200.152.73.1
MozillaFirefox: before 102.7.0-150200.152.73.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20230113-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU71227
Risk: Low
CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-23601
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attacks.
The vulnerability exists due to the way browser treats dragging of URL from the cross-origin iframe into the same tab. A remote attacker can perform spoofing attack.
Update the affected package MozillaFirefox to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP2 - 15-SP3
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP4
SUSE Linux Enterprise Realtime Extension: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP4
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
MozillaFirefox-translations-other: before 102.7.0-150200.152.73.1
MozillaFirefox-translations-common: before 102.7.0-150200.152.73.1
MozillaFirefox-devel: before 102.7.0-150200.152.73.1
MozillaFirefox-debugsource: before 102.7.0-150200.152.73.1
MozillaFirefox-debuginfo: before 102.7.0-150200.152.73.1
MozillaFirefox-branding-upstream: before 102.7.0-150200.152.73.1
MozillaFirefox: before 102.7.0-150200.152.73.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20230113-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Security features bypass
EUVDB-ID: #VU71228
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-23602
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to incorrect processing of CSP. A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers.
MitigationUpdate the affected package MozillaFirefox to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP2 - 15-SP3
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP4
SUSE Linux Enterprise Realtime Extension: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP4
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
MozillaFirefox-translations-other: before 102.7.0-150200.152.73.1
MozillaFirefox-translations-common: before 102.7.0-150200.152.73.1
MozillaFirefox-devel: before 102.7.0-150200.152.73.1
MozillaFirefox-debugsource: before 102.7.0-150200.152.73.1
MozillaFirefox-debuginfo: before 102.7.0-150200.152.73.1
MozillaFirefox-branding-upstream: before 102.7.0-150200.152.73.1
MozillaFirefox: before 102.7.0-150200.152.73.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20230113-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Incorrect Regular Expression
EUVDB-ID: #VU71229
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-23603
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to usage of an incorrect regular expression when filtering out forbidden properties and values from style directives in calls to console.log. A remote attacker can exfiltrate data from the victim's browser.
Update the affected package MozillaFirefox to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP2 - 15-SP3
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP4
SUSE Linux Enterprise Realtime Extension: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP4
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
MozillaFirefox-translations-other: before 102.7.0-150200.152.73.1
MozillaFirefox-translations-common: before 102.7.0-150200.152.73.1
MozillaFirefox-devel: before 102.7.0-150200.152.73.1
MozillaFirefox-debugsource: before 102.7.0-150200.152.73.1
MozillaFirefox-debuginfo: before 102.7.0-150200.152.73.1
MozillaFirefox-branding-upstream: before 102.7.0-150200.152.73.1
MozillaFirefox: before 102.7.0-150200.152.73.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20230113-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU71231
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-23605
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package MozillaFirefox to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP2 - 15-SP3
SUSE Linux Enterprise Server: 15-SP2-LTSS - 15-SP4
SUSE Linux Enterprise Realtime Extension: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP2-LTSS - 15-SP4
SUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Desktop Applications: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
MozillaFirefox-translations-other: before 102.7.0-150200.152.73.1
MozillaFirefox-translations-common: before 102.7.0-150200.152.73.1
MozillaFirefox-devel: before 102.7.0-150200.152.73.1
MozillaFirefox-debugsource: before 102.7.0-150200.152.73.1
MozillaFirefox-debuginfo: before 102.7.0-150200.152.73.1
MozillaFirefox-branding-upstream: before 102.7.0-150200.152.73.1
MozillaFirefox: before 102.7.0-150200.152.73.1
External linkshttp://www.suse.com/support/update/announcement/2023/suse-su-20230113-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
