View Issue Details

IDProjectCategoryView StatusLast Update
0005997Kali LinuxTool Upgrade Requestpublic2020-02-18 15:17
Reporterentropyworks Assigned Tosbrun  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Summary0005997: Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1
Description

tl;dr, targeted attacks in the wild abusing this flaw upgrade to Firefox ESR 68.4.1

https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/

Announced: January 8, 2020
Impact: critical
Products: Firefox, Firefox ESR
Fixed in:
Firefox 72.0.1
Firefox ESR 68.4.1

#CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

Reporter: Qihoo 360 ATA
Impact: critical

Description

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw.

Activities

sbrun

sbrun

2020-02-18 15:17

manager   ~0012305

firefox-esr version 68.5.0esr-1 is now in kali-rolling

Issue History

Date Modified Username Field Change
2020-01-15 02:49 entropyworks New Issue
2020-01-15 02:49 entropyworks Status new => assigned
2020-01-15 02:49 entropyworks Assigned To => sbrun
2020-02-18 15:17 sbrun Status assigned => resolved
2020-02-18 15:17 sbrun Resolution open => fixed
2020-02-18 15:17 sbrun Note Added: 0012305
2021-05-31 13:37 rhertzog Category Tool Upgrade => Tool Upgrade Request