Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2023-4046

In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

Related bugs and status

CVE-2023-4046 (Candidate) is related to these bugs:

Bug #2036634: Update mozjs102 to 102.15.1

		In	Importance	Status
2036634	Update mozjs102 to 102.15.1	mozjs102 (Ubuntu)	Undecided	Fix Released
2036634	Update mozjs102 to 102.15.1	mozjs102 (Ubuntu Lunar)	Undecided	Fix Released
2036634	Update mozjs102 to 102.15.1	mozjs102 (Ubuntu Jammy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.mozil...
MISC: https://www.mozilla.or...
MISC: https://www.mozilla.or...
MISC: https://www.mozilla.or...
DEBIAN: DSA-5464
DEBIAN: DSA-5469
MLIST: [debian-lts-announce] ...
MLIST: [debian-lts-announce] ...