REDHAT-BUG-2349795
First published: Tue Mar 04 2025(Updated: )
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, and Firefox ESR < 128.8.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | <136 | |
| Firefox ESR | <115.21<128.8 | |
| Thunderbird | <135 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2025:2359
- https://access.redhat.com/errata/RHSA-2025:2452
- https://access.redhat.com/errata/RHSA-2025:2481
- https://access.redhat.com/errata/RHSA-2025:2480
- https://access.redhat.com/errata/RHSA-2025:2479
- https://access.redhat.com/errata/RHSA-2025:2485
- https://access.redhat.com/errata/RHSA-2025:2484
- https://access.redhat.com/errata/RHSA-2025:2486
- https://access.redhat.com/errata/RHSA-2025:2699
- https://access.redhat.com/errata/RHSA-2025:2708
- https://access.redhat.com/errata/RHSA-2025:2899
- https://access.redhat.com/errata/RHSA-2025:2900
- https://access.redhat.com/errata/RHSA-2025:2957
- https://access.redhat.com/errata/RHSA-2025:2960
- https://access.redhat.com/errata/RHSA-2025:2958
- https://access.redhat.com/errata/RHSA-2025:2959
- https://access.redhat.com/errata/RHSA-2025:3009
- https://access.redhat.com/errata/RHSA-2025:3013
- https://access.redhat.com/errata/RHSA-2025:3036
- https://bugzilla.redhat.com/show_bug.cgi?id=2349795
Frequently Asked Questions
What is the severity of REDHAT-BUG-2349795?
The severity of REDHAT-BUG-2349795 is high due to memory safety issues that could potentially allow for arbitrary code execution.
How do I fix REDHAT-BUG-2349795?
To fix REDHAT-BUG-2349795, you should update to the latest versions of Firefox, Thunderbird, or Firefox ESR as applicable.
What software is affected by REDHAT-BUG-2349795?
REDHAT-BUG-2349795 affects Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7.
Can REDHAT-BUG-2349795 be exploited?
Yes, REDHAT-BUG-2349795 shows evidence of memory corruption which could potentially be exploited to execute arbitrary code.
What are the potential consequences of REDHAT-BUG-2349795?
The potential consequences of REDHAT-BUG-2349795 include unauthorized access to system resources and the execution of malicious code.
- agent/source
- agent/severity
- agent/first-publish-date
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/references
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2025-1937
- vendor/mozilla
- canonical/firefox
- canonical/firefox esr
- canonical/thunderbird