Sonakkbi

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 118 Firefox ESR versions prior to 115.3 Thunderbird versions prior to 115.3 **Description** A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This bug only affects Firefox on Windows, with other operating systems being unaffected. **Recommendations** For Firefox versions prior to 118, update to version 118 or later. For Firefox ESR versions prior to 115.3, update to version 115.3 or later. For Thunderbird versions prior to 115.3, update to version 115.3 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 118 Firefox ESR versions prior to 115.3 Thunderbird versions prior to 115.3 **Description** A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. The issue is related to a buffer overflow vulnerability. **Recommendations** For Firefox versions prior to 118, update to version 118 or later to resolve the issue. For Firefox ESR versions prior to 115.3, update to version 115.3 or later to resolve the issue. For Thunderbird versions prior to 115.3, update to version 115.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 117 Firefox ESR versions prior to 102.15 and prior to 115.2 Thunderbird versions prior to 102.15 and prior to 115.2 **Description** The issue is related to the creation of callbacks over IPC for showing the File Picker window. Multiple callbacks could be created simultaneously and destroyed at the same time when one of them finishes, leading to a use-after-free and potentially causing an exploitable crash. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Firefox versions prior to 117, update to version 117 or later. For Firefox ESR versions prior to 102.15, update to version 102.15 or later. For Firefox ESR versions prior to 115.2, update to version 115.2 or later. For Thunderbird versions prior to 102.15, update to version 102.15 or later. For Thunderbird versions prior to 115.2, update to version 115.2 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 117 Firefox ESR versions prior to 102.15 and prior to 115.2 Thunderbird versions prior to 102.15 and prior to 115.2 **Description** The issue is related to the creation of callbacks over IPC for showing the Color Picker window, where multiple callbacks could be created and destroyed simultaneously, leading to a use-after-free causing a potentially exploitable crash. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Firefox versions prior to 117, update to version 117 or later. For Firefox ESR versions prior to 102.15, update to version 102.15 or later. For Firefox ESR versions prior to 115.2, update to version 115.2 or later. For Thunderbird versions prior to 102.15, update to version 102.15 or later. For Thunderbird versions prior to 115.2, update to version 115.2 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 117 Firefox ESR versions prior to 102.15 and prior to 115.2 Thunderbird versions prior to 102.15 and prior to 115.2 **Description** The issue is related to a use-after-free error that could occur when receiving rendering data over IPC, specifically with the `mStream` variable. This could lead to a potentially exploitable crash. The vulnerability may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Firefox versions prior to 117, update to version 117 or later. For Firefox ESR versions prior to 102.15, update to version 102.15 or later. For Firefox ESR versions prior to 115.2, update to version 115.2 or later. For Thunderbird versions prior to 102.15, update to version 102.15 or later. For Thunderbird versions prior to 115.2, update to version 115.2 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 118 **Description** The issue is related to a memory leak in the canvas rendering process. A compromised content process could cause a surface to change unexpectedly, leading to a memory leak of a privileged process. This could potentially be used to effect a sandbox escape if the correct data was leaked. The vulnerability is associated with incorrect memory release before removing the last reference. **Recommendations** For versions prior to 118, update to version 118 or later to resolve the issue. As a temporary workaround, consider restricting access to canvas rendering functionality until a patch is available.