CVE-2019-9791 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Critical
Remote	Yes
Type	Arbitrary code execution
Description	The type inference system in Firefox before 66.0 allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-925	firefox	65.0.2-1	66.0-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
22 Mar 2019	ASA-201903-11	AVG-925	firefox	Critical	multiple issues

References
https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9791 https://bugzilla.mozilla.org/show_bug.cgi?id=1530958