SB2026041303 - Red Hat Enterprise Linux 9 update for firefox
Published: April 13, 2026
Description
This security bulletin contains information about 5 security vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2026-33416)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to a use-after-free in png_set_tRNS and png_set_PLTE when a crafted PNG file is decoded after png_free_data() has been called, or after repeated setter calls. A remote attacker can supply a specially crafted PNG file to execute arbitrary code.
User interaction is required to open or process the crafted PNG file, and exploitation affects applications that free PNG data between png_read_info() and png_read_update_info().
2) Out-of-bounds read (CVE-ID: CVE-2026-33636)
The vulnerability allows a remote attacker to cause a denial of service, disclose sensitive information, and corrupt memory.
The vulnerability exists due to an out-of-bounds read and out-of-bounds write in the ARM/AArch64 Neon palette expansion path when decoding a crafted paletted PNG image with palette expansion enabled. A remote attacker can supply a specially crafted PNG image to cause a denial of service, disclose sensitive information, and corrupt memory.
Only builds targeting ARM/AArch64 with Neon enabled are affected. The issue is triggered for palette-based images during palette expansion, with the RGBA path requiring a tRNS chunk and the RGB path requiring no tRNS chunk. User interaction is required to open or process the crafted image.
3) Buffer overflow (CVE-ID: CVE-2026-5734)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted website to trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
4) Buffer overflow (CVE-ID: CVE-2026-5731)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted website to trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
5) Integer overflow (CVE-ID: CVE-2026-5732)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow in the Graphics: Text component. A remote attacker can trick the victim into visiting a specially crafted website to trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Remediation
Install the update from the vendor's website.
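Added example (not part of this bulletin or of Red Hat's tooling): a POSIX shell check for RHEL 9 that reads the installed firefox package version with rpm, compares it against the fixed version with sort -V, and runs dnf update when it is older. FIXED_VERSION is a placeholder, since the bulletin does not state the fixed build; take it from the vendor's errata.

```shell
#!/bin/sh
# Added example: verify the RHEL 9 firefox package against the fixed
# version from the vendor's errata and update it if it is older.
# FIXED_VERSION is a placeholder (the bulletin does not state the fixed build).
FIXED_VERSION="${FIXED_VERSION:-0.0.0-0}"

# version_at_least INSTALLED FIXED -> prints "yes" if INSTALLED >= FIXED.
# sort -V orders digit runs numerically, so 128.10.0 sorts after 128.9.0
# (a plain string compare would get that backwards).
version_at_least() {
    installed="$1"
    fixed="$2"
    lowest=$(printf '%s\n%s\n' "$installed" "$fixed" | sort -V | head -n 1)
    if [ "$lowest" = "$fixed" ]; then
        echo yes
    else
        echo no
    fi
}

# installed_firefox_version -> "VERSION-RELEASE" of the installed firefox
# package, or "none" when it is not installed (rpm prints its own message
# and exits non-zero in that case, so the output is discarded).
installed_firefox_version() {
    if out=$(rpm -q --queryformat '%{VERSION}-%{RELEASE}\n' firefox 2>/dev/null); then
        echo "$out"
    else
        echo none
    fi
}

# check_and_update -> report the state of the package and apply the
# vendor update via dnf when the installed build is below FIXED_VERSION.
check_and_update() {
    current=$(installed_firefox_version)
    if [ "$current" = "none" ]; then
        echo "firefox is not installed; nothing to do"
        return 0
    fi
    if [ "$(version_at_least "$current" "$FIXED_VERSION")" = "yes" ]; then
        echo "firefox $current is at or above fixed version $FIXED_VERSION"
        return 0
    fi
    echo "firefox $current is below fixed version $FIXED_VERSION; updating"
    dnf -y update firefox
}
```

Run as `FIXED_VERSION=<version-release from the errata> sh check_firefox.sh` with `check_and_update` appended, or source the file and call the functions individually.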