Ubuntu update for firefox



Published: 2023-08-30
Risk High
Patch available YES
Number of vulnerabilities 11
CVE-ID CVE-2023-4573
CVE-2023-4574
CVE-2023-4575
CVE-2023-4577
CVE-2023-4578
CVE-2023-4579
CVE-2023-4580
CVE-2023-4581
CVE-2023-4583
CVE-2023-4584
CVE-2023-4585
CWE-ID CWE-416
CWE-119
CWE-400
CWE-20
CWE-312
CWE-357
CWE-200
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Ubuntu
Operating systems & Components / Operating system

firefox (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU80090

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4573

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in IPC CanvasTranslator. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU80091

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4574

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in IPC ColorPickerShownCallback. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU80092

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4575

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in IPC FilePickerShownCallback. A remote attacker can trick the victim to open a specially crafted website, trigger memory corruption and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

EUVDB-ID: #VU80097

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4577

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in JIT UpdateRegExpStatics when UpdateRegExpStatics attempted to access initialStringHeap. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource exhaustion

EUVDB-ID: #VU80098

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4578

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in JS::CheckRegExpSyntax. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU80096

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4579

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to insufficient validation of user-supplied input when handling persistent search terms. Search queries in the default search engine can appear to have been the currently navigated URL if the search query itself is a well formed URL. As a result, a remote attacker can perform a spoofing attack if it had been maliciously set as the default search engine.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Cleartext storage of sensitive information

EUVDB-ID: #VU80099

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4580

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to push notifications are saved to disk unencrypted. A local user can gain access to potentially sensitive information.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Insufficient UI Warning of Dangerous Operations

EUVDB-ID: #VU80094

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4581

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a missing warning when downloading Excel .xll add-in files. A remote attacker can trick the victim to visit a specially crafted website and force the browser to download potentially dangerous files without any warning.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Information disclosure

EUVDB-ID: #VU80101

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4583

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to private session data are not cleared in HttpBaseChannel when closing private window. A remote attacker can obtain information from the not cleared session.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

EUVDB-ID: #VU80095

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4584

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Buffer overflow

EUVDB-ID: #VU80102

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4585

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package firefox to the latest version.

Vulnerable software versions

Ubuntu: 20.04

firefox (Ubuntu package): before 117.0+build2-0ubuntu0.20.04.1

External links

http://ubuntu.com/security/notices/USN-6320-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###