Subject: [ASA-202004-8] firefox: multiple issues Arch Linux Security Advisory ASA-202004-8 ========================================= Severity: Critical Date : 2020-04-08 CVE-ID : CVE-2020-6821 CVE-2020-6823 CVE-2020-6824 CVE-2020-6825 CVE-2020-6826 Package : firefox Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1127 Summary ======= The package firefox before version 75.0-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and access restriction bypass. Resolution ========== Upgrade to 75.0-1. # pacman -Syu "firefox>=75.0-1" The problems have been fixed upstream in version 75.0. Workaround ========== None. Description =========== - CVE-2020-6821 (information disclosure) An information disclosure issue has been found in Firefox before 75.0 and Thunderbird before 68.7.0. When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. - CVE-2020-6823 (access restriction bypass) A security issue has been found in Firefox before 75.0, where a malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. - CVE-2020-6824 (information disclosure) A security issue has been found in Firefox before 75.0, where generated passwords may be identical on the same site between separate private browsing sessions. Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. - CVE-2020-6825 (arbitrary code execution) Several memory safety issues have been found in Firefox before 75.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could have been exploited to run arbitrary code. - CVE-2020-6826 (arbitrary code execution) Several memory safety issues have been found in Firefox before 75.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could have been exploited to run arbitrary code. Impact ====== A remote attacker might be able to access sensitive information, bypass security restrictions or execute arbitrary code. References ========== https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/ https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6821 https://bugzilla.mozilla.org/show_bug.cgi?id=1625404 https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6823 https://bugzilla.mozilla.org/show_bug.cgi?id=1614919 https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6824 https://bugzilla.mozilla.org/show_bug.cgi?id=1621853 https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6825 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1572541%2C1620193%2C1620203 https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6826 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1613009%2C1613195%2C1616734%2C1617488%2C1619229%2C1620719%2C1624897 https://security.archlinux.org/CVE-2020-6821 https://security.archlinux.org/CVE-2020-6823 https://security.archlinux.org/CVE-2020-6824 https://security.archlinux.org/CVE-2020-6825 https://security.archlinux.org/CVE-2020-6826