SUSE update for MozillaThunderbird
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2025-2817 CVE-2025-4082 CVE-2025-4083 CVE-2025-4084 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 |
| CWE-ID | CWE-667 CWE-119 CWE-693 CWE-20 CWE-125 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Workstation Extension 15 Operating systems & Components / Operating system SUSE Package Hub 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system MozillaThunderbird-translations-other Operating systems & Components / Operating system package or component MozillaThunderbird-debuginfo Operating systems & Components / Operating system package or component MozillaThunderbird-translations-common Operating systems & Components / Operating system package or component MozillaThunderbird Operating systems & Components / Operating system package or component MozillaThunderbird-debugsource Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Improper locking
EUVDB-ID: #VU108044
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-2817
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper locking mechanism in Firefox Updater. A medium-integrity user process can interfere with the SYSTEM-level updater by manipulating the file-locking behavior by injecting code into the user-privileged process. A local user or malicious software installed on the system can bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation.
MitigationUpdate the affected package MozillaThunderbird to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension 15: SP6
SUSE Package Hub 15: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
MozillaThunderbird-translations-other: before 128.10.0-150200.8.212.1
MozillaThunderbird-debuginfo: before 128.10.0-150200.8.212.1
MozillaThunderbird-translations-common: before 128.10.0-150200.8.212.1
MozillaThunderbird: before 128.10.0-150200.8.212.1
MozillaThunderbird-debugsource: before 128.10.0-150200.8.212.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_package_hub_15:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-other:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-common:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251506-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU108045
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4082
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing WebGL shader attributes. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.
Note, the vulnerability affects macOS installations only.
Update the affected package MozillaThunderbird to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension 15: SP6
SUSE Package Hub 15: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
MozillaThunderbird-translations-other: before 128.10.0-150200.8.212.1
MozillaThunderbird-debuginfo: before 128.10.0-150200.8.212.1
MozillaThunderbird-translations-common: before 128.10.0-150200.8.212.1
MozillaThunderbird: before 128.10.0-150200.8.212.1
MozillaThunderbird-debugsource: before 128.10.0-150200.8.212.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_package_hub_15:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-other:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-common:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251506-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Protection Mechanism Failure
EUVDB-ID: #VU108046
Risk: High
CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4083
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient process isolation when handling "javascript:" URI links. An attacker can trick the victim into clicking on a specially crafted link and execute content in the top-level document's process instead of the intended frame.
MitigationUpdate the affected package MozillaThunderbird to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension 15: SP6
SUSE Package Hub 15: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
MozillaThunderbird-translations-other: before 128.10.0-150200.8.212.1
MozillaThunderbird-debuginfo: before 128.10.0-150200.8.212.1
MozillaThunderbird-translations-common: before 128.10.0-150200.8.212.1
MozillaThunderbird: before 128.10.0-150200.8.212.1
MozillaThunderbird-debugsource: before 128.10.0-150200.8.212.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_package_hub_15:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-other:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-common:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251506-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU108047
Risk: Medium
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-4084
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient insufficient escaping of the ampersand character in the "copy as cURL" feature. A remote attacker can trick the victim into copying a specially crafted URL and execute arbitrary commands on the system.
Note, the vulnerability affects Windows installations only.
Update the affected package MozillaThunderbird to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension 15: SP6
SUSE Package Hub 15: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
MozillaThunderbird-translations-other: before 128.10.0-150200.8.212.1
MozillaThunderbird-debuginfo: before 128.10.0-150200.8.212.1
MozillaThunderbird-translations-common: before 128.10.0-150200.8.212.1
MozillaThunderbird: before 128.10.0-150200.8.212.1
MozillaThunderbird-debugsource: before 128.10.0-150200.8.212.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_package_hub_15:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-other:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-common:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251506-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds read
EUVDB-ID: #VU108048
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4087
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a boundary condition when parsing XPath content. A remote attacker can trick the victim into visiting a specially crafted website, trigger an out-of-bounds read error and execute arbitrary code on the system.
MitigationUpdate the affected package MozillaThunderbird to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension 15: SP6
SUSE Package Hub 15: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
MozillaThunderbird-translations-other: before 128.10.0-150200.8.212.1
MozillaThunderbird-debuginfo: before 128.10.0-150200.8.212.1
MozillaThunderbird-translations-common: before 128.10.0-150200.8.212.1
MozillaThunderbird: before 128.10.0-150200.8.212.1
MozillaThunderbird-debugsource: before 128.10.0-150200.8.212.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_package_hub_15:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-other:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-common:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251506-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU108049
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4091
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package MozillaThunderbird to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension 15: SP6
SUSE Package Hub 15: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
MozillaThunderbird-translations-other: before 128.10.0-150200.8.212.1
MozillaThunderbird-debuginfo: before 128.10.0-150200.8.212.1
MozillaThunderbird-translations-common: before 128.10.0-150200.8.212.1
MozillaThunderbird: before 128.10.0-150200.8.212.1
MozillaThunderbird-debugsource: before 128.10.0-150200.8.212.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_package_hub_15:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-other:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-common:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251506-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU108050
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4093
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package MozillaThunderbird to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Workstation Extension 15: SP6
SUSE Package Hub 15: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
MozillaThunderbird-translations-other: before 128.10.0-150200.8.212.1
MozillaThunderbird-debuginfo: before 128.10.0-150200.8.212.1
MozillaThunderbird-translations-common: before 128.10.0-150200.8.212.1
MozillaThunderbird: before 128.10.0-150200.8.212.1
MozillaThunderbird-debugsource: before 128.10.0-150200.8.212.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_workstation_extension_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_package_hub_15:15-SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop_15:SP6:*:*:*:*:*:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-other:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-translations-common:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:mozillathunderbird-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2025/suse-su-20251506-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
