PT-2025-22994 · Mozilla+11 · Thunderbird+12

Randell Jesup

·

Published

2025-05-27

·

Updated

2025-12-03

·

CVE-2025-5269

CVSS v3.1

8.1

High

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Firefox ESR versions prior to 128.11 Thunderbird versions prior to 128.11
Description A memory safety bug is present, showing evidence of memory corruption. It is presumed that with enough effort, this could be exploited to run arbitrary code.
Recommendations For Firefox ESR versions prior to 128.11, update to version 128.11 or later. For Thunderbird versions prior to 128.11, update to version 128.11 or later.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2025:8293
ALSA-2025:8308
ALSA-2025:8341
ALSA-2025:8607
ALSA-2025:8608
ALSA-2025:8756
ALT-PU-2025-11100
ALT-PU-2025-14599
ALT-PU-2025-7695
BDU:2025-06230
CESA-2025_8308
CESA-2025_8756
CVE-2025-5269
DLA-4191-1
DLA-4194-1
DSA-5926-1
DSA-5932-1
INFSA-2025_8293
INFSA-2025_8308
INFSA-2025_8607
INFSA-2025_8756
MGASA-2025-0195
MGASA-2025-0197
OESA-2025-1633
OESA-2025-1634
OESA-2025-1635
OESA-2025-1636
OESA-2025-1835
OPENSUSE-SU-2025-20135-1
OPENSUSE-SU-2025:15170-1
OPENSUSE-SU-2025:15174-1
OPENSUSE-SU-2025:15315-1
OPENSUSE-SU-2025:20135-1
RHSA-2025:8293
RHSA-2025:8308
RHSA-2025:8341
RHSA-2025:8598
RHSA-2025:8599
RHSA-2025:8607
RHSA-2025:8608
RHSA-2025:8628
RHSA-2025:8629
RHSA-2025:8630
RHSA-2025:8631
RHSA-2025:8642
RHSA-2025:8756
RHSA-2025:9071
RHSA-2025:9072
RHSA-2025:9073
RHSA-2025:9074
RHSA-2025:9075
RHSA-2025:9076
RHSA-2025:9077
RHSA-2025:9155
RHSA-2025_8293
RHSA-2025_8308
RHSA-2025_8607
RHSA-2025_8756
SUSE-SU-2025:01769-1
SUSE-SU-2025:01814-1
SUSE-SU-2025:01946-1
SUSE-SU-2025:21170-1
SUSE-SU-2025_01769-1
SUSE-SU-2025_01814-1
USN-7663-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Firefox Esr
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Thunderbird
Ubuntu