REDHAT-BUG-2356563
First published: Tue Apr 01 2025(Updated: )
Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird ESR < 128.9.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | <137 | |
| Firefox ESR | <128.9 | |
| Thunderbird | <137 | |
| Mozilla Thunderbird | <128.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2025:3556
- https://access.redhat.com/errata/RHSA-2025:3581
- https://access.redhat.com/errata/RHSA-2025:3582
- https://access.redhat.com/errata/RHSA-2025:3587
- https://access.redhat.com/errata/RHSA-2025:3589
- https://access.redhat.com/errata/RHSA-2025:3590
- https://access.redhat.com/errata/RHSA-2025:3623
- https://access.redhat.com/errata/RHSA-2025:3620
- https://access.redhat.com/errata/RHSA-2025:3621
- https://access.redhat.com/errata/RHSA-2025:3628
- https://access.redhat.com/errata/RHSA-2025:4026
- https://access.redhat.com/errata/RHSA-2025:4027
- https://access.redhat.com/errata/RHSA-2025:4029
- https://access.redhat.com/errata/RHSA-2025:4028
- https://access.redhat.com/errata/RHSA-2025:4032
- https://access.redhat.com/errata/RHSA-2025:4031
- https://access.redhat.com/errata/RHSA-2025:4030
- https://access.redhat.com/errata/RHSA-2025:4169
- https://access.redhat.com/errata/RHSA-2025:4170
- https://bugzilla.redhat.com/show_bug.cgi?id=2356563
Frequently Asked Questions
What is the severity of REDHAT-BUG-2356563?
The severity of REDHAT-BUG-2356563 is classified as high due to the potential for memory corruption vulnerabilities leading to arbitrary code execution.
How do I fix REDHAT-BUG-2356563?
To fix REDHAT-BUG-2356563, update your Firefox or Thunderbird to the latest version above the specified vulnerable ranges.
Which versions are affected by REDHAT-BUG-2356563?
REDHAT-BUG-2356563 affects Firefox versions prior to 137, Firefox ESR versions prior to 128.9, Thunderbird versions prior to 137, and Thunderbird ESR versions prior to 128.9.
What software does REDHAT-BUG-2356563 impact?
REDHAT-BUG-2356563 impacts Mozilla Firefox, Firefox ESR, Mozilla Thunderbird, and Thunderbird ESR.
Are there any known exploits for REDHAT-BUG-2356563?
While evidence of memory corruption exists in REDHAT-BUG-2356563, there are currently no confirmed exploits publicly available.
- agent/source
- agent/severity
- agent/type
- agent/first-publish-date
- agent/description
- agent/event
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/references
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2025-3030
- vendor/mozilla
- canonical/firefox
- canonical/firefox esr
- canonical/thunderbird
- canonical/mozilla thunderbird