REDHAT-BUG-2343765: Use After Free
First published: Tue Feb 04 2025(Updated: )
A race during concurrent delazification could have led to a use-after-free. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | <135 | |
| Firefox ESR | <115.20<128.7 | |
| Thunderbird | <128.7<135 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2025:1066
- https://access.redhat.com/errata/RHSA-2025:1133
- https://access.redhat.com/errata/RHSA-2025:1135
- https://access.redhat.com/errata/RHSA-2025:1138
- https://access.redhat.com/errata/RHSA-2025:1136
- https://access.redhat.com/errata/RHSA-2025:1132
- https://access.redhat.com/errata/RHSA-2025:1137
- https://access.redhat.com/errata/RHSA-2025:1139
- https://access.redhat.com/errata/RHSA-2025:1140
- https://access.redhat.com/errata/RHSA-2025:1184
- https://access.redhat.com/errata/RHSA-2025:1283
- https://access.redhat.com/errata/RHSA-2025:1292
- https://access.redhat.com/errata/RHSA-2025:1319
- https://access.redhat.com/errata/RHSA-2025:1317
- https://access.redhat.com/errata/RHSA-2025:1318
- https://access.redhat.com/errata/RHSA-2025:1339
- https://access.redhat.com/errata/RHSA-2025:1340
- https://access.redhat.com/errata/RHSA-2025:1341
- https://access.redhat.com/errata/RHSA-2025:1348
- https://bugzilla.redhat.com/show_bug.cgi?id=2343765
Frequently Asked Questions
What is the severity of REDHAT-BUG-2343765?
The severity of REDHAT-BUG-2343765 is high due to the potential for a use-after-free vulnerability.
How do I fix REDHAT-BUG-2343765?
To fix REDHAT-BUG-2343765, update your Firefox, Firefox ESR, or Thunderbird to the latest version available that addresses this vulnerability.
Which software versions are affected by REDHAT-BUG-2343765?
REDHAT-BUG-2343765 affects Firefox versions below 135, Firefox ESR versions below 115.20 and 128.7, and Thunderbird versions below 128.7 and 135.
What are the potential consequences of REDHAT-BUG-2343765?
The potential consequences of REDHAT-BUG-2343765 include possible arbitrary code execution and system instability due to a use-after-free condition.
Is there a workaround for REDHAT-BUG-2343765?
There are no known effective workarounds for REDHAT-BUG-2343765, so updating to a patched version is recommended.
- agent/weakness
- agent/source
- agent/severity
- agent/first-publish-date
- agent/description
- agent/type
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2025-1012
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/mozilla
- canonical/firefox
- canonical/firefox esr
- canonical/thunderbird