PT-2023-2795 · Mozilla+10 · Firefox Esr+14
Junyoung Park
·
Publicado
2023-04-11
·
Atualizado
2025-01-10
·
CVE-2023-29548
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 112
Focus for Android versions prior to 112
Firefox ESR versions prior to 102.10
Firefox for Android versions prior to 112
Thunderbird versions prior to 102.10
Description
The issue is related to a wrong lowering instruction in the ARM64 Ion compiler, resulting in incorrect optimization. This can allow a remote attacker to gain unauthorized access to protected information. The vulnerability may enable the attacker to access confidential information.
Recommendations
For Firefox versions prior to 112, update to version 112 or later.
For Focus for Android versions prior to 112, update to version 112 or later.
For Firefox ESR versions prior to 102.10, update to version 102.10 or later.
For Firefox for Android versions prior to 112, update to version 112 or later.
For Thunderbird versions prior to 102.10, update to version 102.10 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Firefox Esr
Firefox For Android
Focus For Android
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird
Ubuntu