{"id":"MGASA-2024-0334","summary":"Updated firefox packages fix security vulnerabilities","details":"The updated package provides Firefox 128 for all mandatory arches of\nMageia (x86_64, i586 and aarch64), fixing several bugs, including\nsecurity vulnerabilities, for i586 and aarch64:\nFullscreen notification dialog can be obscured by document content.\n(CVE-2024-7518)\nOut of bounds memory access in graphics shared memory handling.\n(CVE-2024-7519)\nType confusion in WebAssembly. (CVE-2024-7520)\nIncomplete WebAssembly exception handling. (CVE-2024-7521)\nOut of bounds read in editor component. (CVE-2024-7522)\nCSP strict-dynamic bypass using web-compatibility shims. (CVE-2024-7524)\nMissing permission check when creating a StreamFilter. (CVE-2024-7525)\nUninitialized memory used by WebGL. (CVE-2024-7526)\nUse-after-free in JavaScript garbage collection. (CVE-2024-7527)\nUse-after-free in IndexedDB. (CVE-2024-7528)\nDocument content could partially obscure security prompts.\n(CVE-2024-7529)\nWASM type confusion involving ArrayTypes. (CVE-2024-8385)\nType confusion when looking up a property name in a \"with\" block.\n(CVE-2024-8381)\nInternal event interfaces were exposed to web content when browser\nEventHandler listener callbacks ran. (CVE-2024-8382)\nFirefox did not ask before opening news: links in an external\napplication. (CVE-2024-8383)\nGarbage collection could mis-color cross-compartment objects in OOM\nconditions. (CVE-2024-8384)\nSelectElements could be shown over another site if popups are allowed.\n(CVE-2024-8386)\nMemory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and\nThunderbird 128.2. (CVE-2024-8387)\nCompromised content process can bypass site isolation. (CVE-2024-9392)\nCross-origin access to PDF contents through multipart responses.\n(CVE-2024-9393)\nCross-origin access to JSON contents through multipart responses.\n(CVE-2024-9394)\nClipboard write permission bypass. (CVE-2024-8900)\nPotential memory corruption may occur when cloning certain objects.\n(CVE-2024-9396)\nPotential directory upload bypass via clickjacking. (CVE-2024-9397)\nExternal protocol handlers could be enumerated via popups.\n(CVE-2024-9398)\nSpecially crafted WebTransport requests could lead to denial of service.\n(CVE-2024-9399)\nPotential memory corruption during JIT compilation. (CVE-2024-9400)\nMemory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR\n128.3, Thunderbird 131, and Thunderbird 128.3. (CVE-2024-9401)\nMemory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird\n131, and Thunderbird 128.3. (CVE-2024-9402)\nUse-after-free in Animation timeline. (CVE-2024-9680)\n","modified":"2026-04-16T04:42:17.421165299Z","published":"2024-10-24T16:43:47Z","upstream":["CVE-2024-7518","CVE-2024-7519","CVE-2024-7520","CVE-2024-7521","CVE-2024-7522","CVE-2024-7524","CVE-2024-7525","CVE-2024-7526","CVE-2024-7527","CVE-2024-7528","CVE-2024-7529","CVE-2024-8381","CVE-2024-8382","CVE-2024-8383","CVE-2024-8384","CVE-2024-8385","CVE-2024-8386","CVE-2024-8387","CVE-2024-8900","CVE-2024-9392","CVE-2024-9393","CVE-2024-9394","CVE-2024-9396","CVE-2024-9397","CVE-2024-9398","CVE-2024-9399","CVE-2024-9400","CVE-2024-9401","CVE-2024-9402","CVE-2024-9680"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0334.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33607"}],"affected":[{"package":{"name":"firefox","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"128.3.1-3.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0334.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}