Mozilla Firefox / Firefox ESR Arbitrary Code Execution Vulnerability
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firefox (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
A use-after-free error related to the MCallGetProperty opcode can be exploited to execute arbitrary code.
The vulnerability is reported in Mozilla Firefox versions prior to 82.0.3 and in Mozilla Firefox ESR versions prior to 78.4.1.
Affected Software
The following software is affected by the described vulnerability. Please check the vendor links below to see if exactly your version is affected.
Mozilla Firefox 78.x
Mozilla Firefox 82.x
Update to a fixed version.
Mozilla Firefox:
Update to version 82.0.3.
Mozilla Firefox ESR:
Update to version 78.4.1.
References
1. https:/
Please provide a patch as soon as possible.
firefox 82.0.3 was released for xenial, bionic, focal, groovy and hirsute yesterday.