PT-2025-33869 · Mozilla+8 · Thunderbird+10

Irvan Kurniawan

·

Published

2025-08-19

·

Updated

2026-02-02

·

CVE-2025-9182

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 142 Firefox ESR versions prior to 140.2 Thunderbird versions prior to 142 Thunderbird versions prior to 140.2
Description: The software is susceptible to a denial-of-service issue caused by an out-of-memory condition within the Graphics: WebRender component.
Recommendations: Update Firefox to version 142 or later. Update Firefox ESR to version 140.2 or later. Update Thunderbird to version 142 or later. Update Thunderbird to version 140.2 or later.

Fix

DoS

Resource Exhaustion

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-404

Related Identifiers

ALSA-2025:14416
ALSA-2025:14417
ALSA-2025:14442
ALSA-2025:14640
ALSA-2025:14743
ALSA-2025:14844
ALT-PU-2025-11100
ALT-PU-2025-12559
ALT-PU-2025-12562
ALT-PU-2025-14599
BDU:2025-10388
CESA-2025_14442
CESA-2025_14743
CVE-2025-9182
INFSA-2025_14416
INFSA-2025_14442
INFSA-2025_14640
INFSA-2025_14743
OPENSUSE-SU-2025:15467-1
OPENSUSE-SU-2025:15472-1
OPENSUSE-SU-2025:15516-1
RHSA-2025:14416
RHSA-2025:14417
RHSA-2025:14442
RHSA-2025:14640
RHSA-2025:14743
RHSA-2025_14416
RHSA-2025_14442
RHSA-2025_14640
RHSA-2025_14743
SUSE-SU-2025:03007-1
SUSE-SU-2025:03008-1
SUSE-SU-2025:03009-1
SUSE-SU-2025_03008-1
SUSE-SU-2025_03009-1
USN-7991-1

Affected Products

Alt Linux
Almalinux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Rocky Linux
Suse
Thunderbird
Ubuntu