PT-2019-1905 · Mozilla+5 · Firefox Esr+7

Samuel Groß

·

Published

2019-03-19

·

Updated

2024-12-12

·

CVE-2019-9792

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 66 Firefox ESR versions prior to 60.6 Thunderbird versions prior to 60.6
Description The IonMonkey just-in-time (JIT) compiler can leak an internal JS OPTIMIZED OUT magic value to the running script during a bailout, which can be used by JavaScript to achieve memory corruption, resulting in a potentially exploitable crash. The vulnerability is related to a buffer overflow and memory corruption issue.
Recommendations For Firefox versions prior to 66, update to version 66 or later. For Firefox ESR versions prior to 60.6, update to version 60.6 or later. For Thunderbird versions prior to 60.6, update to version 60.6 or later.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2019-1486
ALT-PU-2019-1497
ALT-PU-2019-1561
ALT-PU-2019-2324
ALT-PU-2019-2486
BDU:2019-01568
CESA-2019_0622
CESA-2019_0623
CESA-2019_0680
CESA-2019_0681
CESA-2019_0966
CESA-2019_1144
CVE-2019-9792
DLA-1722-1
DLA-1743-1
DSA-4411-1
DSA-4420-1
MGASA-2019-0116
MGASA-2019-0129
OPENSUSE-SU-2019:1077-1
OPENSUSE-SU-2019:1126-1
OPENSUSE-SU-2019:1162-1
OPENSUSE-SU-2019_1056-1
OPENSUSE-SU-2019_1077-1
OPENSUSE-SU-2019_1162-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:14572-1
RHSA-2019:0622
RHSA-2019:0623
RHSA-2019:0680
RHSA-2019:0681
RHSA-2019:0966
RHSA-2019:1144
RHSA-2019_0622
RHSA-2019_0623
RHSA-2019_0680
RHSA-2019_0681
RHSA-2019_0966
RHSA-2019_1144
SUSE-SU-2019:0852-1
SUSE-SU-2019:0853-1
SUSE-SU-2019:0871-1
USN-3918-1
USN-3918-2
USN-3918-3
USN-3918-4
USN-3927-1

Affected Products

Alt Linux
Centos
Firefox
Firefox Esr
Red Hat
Suse
Thunderbird
Ubuntu