PT-2023-2795 · Mozilla+10 · Firefox Esr+14

Junyoung Park

Published

2023-04-11

Updated

2025-01-10

CVE-2023-29548

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 112 Focus for Android versions prior to 112 Firefox ESR versions prior to 102.10 Firefox for Android versions prior to 112 Thunderbird versions prior to 102.10

Description The issue is related to a wrong lowering instruction in the ARM64 Ion compiler, resulting in incorrect optimization. This can allow a remote attacker to gain unauthorized access to protected information. The vulnerability may enable the attacker to access confidential information.

Recommendations For Firefox versions prior to 112, update to version 112 or later. For Focus for Android versions prior to 112, update to version 112 or later. For Firefox ESR versions prior to 102.10, update to version 102.10 or later. For Firefox for Android versions prior to 112, update to version 112 or later. For Thunderbird versions prior to 102.10, update to version 102.10 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1037

Related Identifiers

ALSA-2023:1786

ALSA-2023:1787

ALSA-2023:1802

ALSA-2023:1809

ALT-PU-2023-1621

ALT-PU-2023-1648

ALT-PU-2023-1649

ALT-PU-2023-1758

ALT-PU-2023-1765

ALT-PU-2023-1783

ALT-PU-2023-1797

ALT-PU-2023-1817

ALT-PU-2023-4365

ALT-PU-2023-4366

ALT-PU-2023-5202

ALT-PU-2023-5754

ALT-PU-2024-3614

BDU:2023-02693

CESA-2023_1787

CESA-2023_1791

CESA-2023_1802

CESA-2023_1806

CVE-2023-29548

DLA-3391-1

DLA-3400-1

DSA-5385-1

DSA-5392-1

MGASA-2023-0147

OESA-2023-1673

OESA-2023-1674

OPENSUSE-SU-2024:12852-1

OPENSUSE-SU-2024:12856-1

OPENSUSE-SU-2024:12882-1

OPENSUSE-SU-2024:14572-1

RHSA-2023:1785

RHSA-2023:1786

RHSA-2023:1787

RHSA-2023:1788

RHSA-2023:1789

RHSA-2023:1790

RHSA-2023:1791

RHSA-2023:1792

RHSA-2023:1802

RHSA-2023:1803

RHSA-2023:1804

RHSA-2023:1805

RHSA-2023:1806

RHSA-2023:1809

RHSA-2023:1810

RHSA-2023:1811

RHSA-2023_1786

RHSA-2023_1787

RHSA-2023_1791

RHSA-2023_1802

RHSA-2023_1806

RHSA-2023_1809

RLSA-2023:1802

RLSA-2023:1809

SUSE-SU-2023:1817-1

SUSE-SU-2023:1819-1

SUSE-SU-2023:1855-1

SUSE-SU-2023:2064-1

USN-6010-1

USN-6010-2

USN-6010-3

USN-6015-1

USN-6120-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Firefox

Firefox Esr

Firefox For Android

Focus For Android

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Thunderbird

Ubuntu

PT-2023-2795 · Mozilla+10 · Firefox Esr+14

CVE-2023-29548

Weakness Enumeration

Related Identifiers

Affected Products

References · 2294