PT-2025-3807 · Mozilla+9 · Firefox Esr+11

Nils Bars

·

Published

2025-01-07

·

Updated

2026-04-13

·

CVE-2025-0241

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 134 Firefox ESR versions prior to 128.6 Thunderbird versions prior to 134 Thunderbird versions prior to 128.6
Description The issue arises when segmenting specially crafted text, leading to memory corruption and a potentially exploitable crash.
Recommendations For Firefox versions prior to 134, update to version 134 or later. For Firefox ESR versions prior to 128.6, update to version 128.6 or later. For Thunderbird versions prior to 134, update to version 134 or later. For Thunderbird versions prior to 128.6, update to version 128.6 or later.

Fix

Memory Leak

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-119

Related Identifiers

ALSA-2025:0080
ALSA-2025:0144
ALT-PU-2025-1154
ALT-PU-2025-1681
ALT-PU-2025-1972
ALT-PU-2025-1984
ALT-PU-2025-2027
ALT-PU-2025-2230
BDU:2025-02402
CESA-2025_0144
CESA-2025_0281
CVE-2025-0241
DLA-4011-1
DLA-4012-1
DSA-5839-1
DSA-5841-1
INFSA-2025_0080
INFSA-2025_0144
MGASA-2025-0009
MGASA-2025-0010
OESA-2025-1085
OESA-2025-1086
OESA-2025-1835
OPENSUSE-SU-2025:14619-1
OPENSUSE-SU-2025:14630-1
OPENSUSE-SU-2025:14648-1
OPENSUSE-SU-2025_0059-1
OPENSUSE-SU-2025_0080-1
RHSA-2025:0080
RHSA-2025:0132
RHSA-2025:0133
RHSA-2025:0134
RHSA-2025:0135
RHSA-2025:0136
RHSA-2025:0137
RHSA-2025:0138
RHSA-2025:0144
RHSA-2025:0147
RHSA-2025:0162
RHSA-2025:0165
RHSA-2025:0166
RHSA-2025:0167
RHSA-2025:0275
RHSA-2025:0281
RHSA-2025:0284
RHSA-2025:0286
RHSA-2025:0287
RHSA-2025_0080
RHSA-2025_0144
RHSA-2025_0147
RHSA-2025_0281
RLSA-2025:0144
SUSE-SU-2025:0056-1
SUSE-SU-2025:0059-1
SUSE-SU-2025:0080-1
USN-7191-1
USN-7991-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Rocky Linux
Suse
Thunderbird
Ubuntu