CVE-2023-25735: Use After Free
First published: Tue Feb 14 2023(Updated: )
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy.
Credit: security@mozilla.org security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/firefox | <0:102.8.0-2.el7_9 | 0:102.8.0-2.el7_9 |
| redhat/thunderbird | <0:102.8.0-2.el7_9 | 0:102.8.0-2.el7_9 |
| redhat/firefox | <0:102.8.0-2.el8_7 | 0:102.8.0-2.el8_7 |
| redhat/thunderbird | <0:102.8.0-2.el8_7 | 0:102.8.0-2.el8_7 |
| redhat/firefox | <0:102.8.0-2.el8_1 | 0:102.8.0-2.el8_1 |
| redhat/thunderbird | <0:102.8.0-2.el8_1 | 0:102.8.0-2.el8_1 |
| redhat/firefox | <0:102.8.0-2.el8_2 | 0:102.8.0-2.el8_2 |
| redhat/thunderbird | <0:102.8.0-2.el8_2 | 0:102.8.0-2.el8_2 |
| redhat/firefox | <0:102.8.0-2.el8_4 | 0:102.8.0-2.el8_4 |
| redhat/thunderbird | <0:102.8.0-2.el8_4 | 0:102.8.0-2.el8_4 |
| redhat/firefox | <0:102.8.0-2.el8_6 | 0:102.8.0-2.el8_6 |
| redhat/thunderbird | <0:102.8.0-2.el8_6 | 0:102.8.0-2.el8_6 |
| redhat/firefox | <0:102.8.0-2.el9_1 | 0:102.8.0-2.el9_1 |
| redhat/thunderbird | <0:102.8.0-2.el9_1 | 0:102.8.0-2.el9_1 |
| redhat/firefox | <0:102.8.0-2.el9_0 | 0:102.8.0-2.el9_0 |
| redhat/thunderbird | <0:102.8.0-2.el9_0 | 0:102.8.0-2.el9_0 |
| Mozilla Thunderbird | <102.8 | 102.8 |
| Mozilla Firefox ESR | <102.8 | 102.8 |
| redhat/firefox | <102.8 | 102.8 |
| redhat/thunderbird | <102.8 | 102.8 |
| Mozilla Firefox | <110 | 110 |
| Mozilla Firefox | <110.0 | |
| Mozilla Firefox ESR | <102.8 | |
| Mozilla Thunderbird | <102.8 | |
| debian/firefox | 131.0.2-2 | |
| debian/firefox-esr | 115.14.0esr-1~deb11u1 128.3.1esr-1~deb11u1 115.14.0esr-1~deb12u1 128.3.1esr-1~deb12u1 128.3.0esr-2 128.3.1esr-2 | |
| debian/thunderbird | 1:115.12.0-1~deb11u1 1:115.16.0esr-1~deb11u1 1:115.12.0-1~deb12u1 1:115.16.0esr-1~deb12u1 1:128.2.0esr-1 1:128.3.0esr-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.mozilla.org/show_bug.cgi?id=1810711
- https://www.mozilla.org/security/advisories/mfsa2023-05/
- https://www.mozilla.org/security/advisories/mfsa2023-07/
- https://www.mozilla.org/security/advisories/mfsa2023-06/
- https://www.cve.org/CVERecord?id=CVE-2023-25735 https://nvd.nist.gov/vuln/detail/CVE-2023-25735 https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25735 https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25735
- https://bugzilla.redhat.com/show_bug.cgi?id=2170378
- https://access.redhat.com/errata/RHSA-2023:0812
- https://access.redhat.com/errata/RHSA-2023:0817
- https://access.redhat.com/errata/RHSA-2023:0808
- https://access.redhat.com/errata/RHSA-2023:0821
- https://access.redhat.com/errata/RHSA-2023:0806
- https://access.redhat.com/errata/RHSA-2023:0818
- https://access.redhat.com/errata/RHSA-2023:0811
- https://access.redhat.com/errata/RHSA-2023:0819
- https://access.redhat.com/errata/RHSA-2023:0805
- https://access.redhat.com/errata/RHSA-2023:0820
- https://access.redhat.com/errata/RHSA-2023:0807
- https://access.redhat.com/errata/RHSA-2023:0822
- https://access.redhat.com/errata/RHSA-2023:0810
- https://access.redhat.com/errata/RHSA-2023:0824
- https://access.redhat.com/errata/RHSA-2023:0809
- https://access.redhat.com/errata/RHSA-2023:0823
- https://access.redhat.com/security/cve/cve-2023-25735
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/
- https://launchpad.net/bugs/cve/CVE-2023-25735
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25746
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25735
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
- https://nvd.nist.gov/vuln/detail/CVE-2023-25735
- https://security-tracker.debian.org/tracker/CVE-2023-25735
- https://ubuntu.com/security/CVE-2023-25735
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25735
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25735
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-25735.
Which software is affected by this vulnerability?
This vulnerability affects Mozilla Firefox, Thunderbird, and Firefox ESR.
What is the severity of CVE-2023-25735?
The severity of CVE-2023-25735 is high with a CVSS score of 8.8.
How can I fix CVE-2023-25735?
To fix CVE-2023-25735, it is recommended to update Firefox, Thunderbird, and Firefox ESR to the latest version.
Where can I find more information about CVE-2023-25735?
You can find more information about CVE-2023-25735 on the Mozilla Bugzilla and Mozilla Security Advisories websites.
- collector/nvd-latest
- collector/redhat-cve
- collector/mozilla-advisory
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- source/Mozilla
- agent/software-canonical-lookup
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-25735
- agent/description
- agent/weakness
- agent/severity
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- collector/security-tracker-debian
- source/Debian
- agent/trending
- package-manager/redhat
- vendor/mozilla
- canonical/mozilla thunderbird
- canonical/mozilla firefox esr
- canonical/mozilla firefox
- package-manager/debian