ASA-202205-4 log raw

[ASA-202205-4] firefox: multiple issues
Arch Linux Security Advisory ASA-202205-4 ========================================= Severity: High Date : 2022-05-16 CVE-ID : CVE-2022-29909 CVE-2022-29911 CVE-2022-29912 CVE-2022-29914 CVE-2022-29915 CVE-2022-29916 CVE-2022-29917 CVE-2022-29918 Package : firefox Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2709 Summary ======= The package firefox before version 100.0-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing, information disclosure, privilege escalation and insufficient validation. Resolution ========== Upgrade to 100.0-1. # pacman -Syu "firefox>=100.0-1" The problems have been fixed upstream in version 100.0. Workaround ========== None. Description =========== - CVE-2022-29909 (privilege escalation) Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. - CVE-2022-29911 (arbitrary code execution) An improper implementation of the new iframe sandbox keyword allow-top- navigation-by-user-activation could lead to script execution without allow-scripts being present. - CVE-2022-29912 (insufficient validation) Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. - CVE-2022-29914 (content spoofing) When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. - CVE-2022-29915 (information disclosure) The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. - CVE-2022-29916 (information disclosure) Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. - CVE-2022-29917 (arbitrary code execution) Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and Firefox ESR 91.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. - CVE-2022-29918 (arbitrary code execution) Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Impact ====== References ========== https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/ https://bugzilla.mozilla.org/show_bug.cgi?id=1755081 https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29909 https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29909 https://bugzilla.mozilla.org/show_bug.cgi?id=1761981 https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29911 https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29911 https://bugzilla.mozilla.org/show_bug.cgi?id=1692655 https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29912 https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29912 https://bugzilla.mozilla.org/show_bug.cgi?id=1746448 https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29914 https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29914 https://bugzilla.mozilla.org/show_bug.cgi?id=1751678 https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29915 https://bugzilla.mozilla.org/show_bug.cgi?id=1760674 https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29916 https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29916 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1684739%2C1706441%2C1753298%2C1762614%2C1762620%2C1764778 https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29917 https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29917 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1744043%2C1747178%2C1753535%2C1754017%2C1755847%2C1756172%2C1757477%2C1758223%2C1760160%2C1761481%2C1761771 https://security.archlinux.org/CVE-2022-29909 https://security.archlinux.org/CVE-2022-29911 https://security.archlinux.org/CVE-2022-29912 https://security.archlinux.org/CVE-2022-29914 https://security.archlinux.org/CVE-2022-29915 https://security.archlinux.org/CVE-2022-29916 https://security.archlinux.org/CVE-2022-29917 https://security.archlinux.org/CVE-2022-29918