SB2021042822 - Red Hat Enterprise Linux 8 update for firefox

Description

This security bulletin contains information about 8 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2021-23961)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the way Firefox handles requests to internal resources. A remote attacker can create a specially crafted web page and combined with slipstream research techniques collect information about hosts in internal network as well as services running on the user's local machine.

2) Out-of-bounds write (CVE-ID: CVE-2021-23994)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the WebGL framebuffer. A remote attacker can create a specially crafted web page, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

3) Use-fater-free (CVE-ID: CVE-2021-23995)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input, when Responsive Design Mode is enabled. A remote attacker can create a specially crafted web page, trick the victim into opening it using the affected software, trigger a use-after-fee error and execute arbitrary code on the target system.

4) Insecure Inherited Permissions (CVE-ID: CVE-2021-23998)

the vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to the way HTTP pages inherit a secure lock icon, when navigating from an HTTP page. A remote attacker can create a specially crafted webpage that through a series of complicated navigation will force the browser to display a secure lock icon on an unencrypted HTTP page.

5) Insecure Inherited Permissions (CVE-ID: CVE-2021-23999)

the vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to the way Firefox handles Blob URLs. If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.

6) Input validation error (CVE-ID: CVE-2021-24002)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied input when processing newline characters in an FTP URL (such as %0A and %0D). A remote attacker can trick the victim to click on a specially crafted URL and execute arbitrary FTP commands on a remote server, given that victim has access to the FTP server.

7) Incorrect calculation (CVE-ID: CVE-2021-29945)

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to the WebAssembly JIT miscalculates the size of a return type, which leads to a null read. A remote attacker can create a specially crafted web page, trick the victim into visiting it and crash the browser.

Note, the vulnerability affects 32-bit platforms only.

8) Input validation error (CVE-ID: CVE-2021-29946)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied input. Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header.

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2021:1360