Red Hat Enterprise Linux 8 update for firefox
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2024-6604 CVE-2024-6601 CVE-2024-6603 CVE-2017-7679 CVE-2017-7659 CVE-2017-7668 CVE-2017-3169 CVE-2017-3167 |
| CWE-ID | CWE-119 CWE-362 CWE-125 CWE-476 CWE-592 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #7 is available. |
| Vulnerable software Subscribe |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions Operating systems & Components / Operating system package or component firefox (Red Hat package) Operating systems & Components / Operating system package or component Red Hat Enterprise Linux Server - TUS Operating systems & Components / Operating system Red Hat Enterprise Linux Server - AUS Operating systems & Components / Operating system |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU93898
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-6604
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4
Red Hat Enterprise Linux Server - TUS: 8.4
Red Hat Enterprise Linux Server - AUS: 8.4
firefox (Red Hat package): before 115.13.0-3.el8_4
External linkshttp://access.redhat.com/errata/RHSA-2024:4610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU93895
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-6601
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to a race condition in permission assignment. A remote attacker can trick the victim to visit a specially crafted website, bypass cross-origin container obtaining permissions of the top-level origin and gain access to sensitive information.
Install updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4
Red Hat Enterprise Linux Server - TUS: 8.4
Red Hat Enterprise Linux Server - AUS: 8.4
firefox (Red Hat package): before 115.13.0-3.el8_4
External linkshttp://access.redhat.com/errata/RHSA-2024:4610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU93897
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-6603
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in thread creation. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and crash the browser.
Install updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4
Red Hat Enterprise Linux Server - TUS: 8.4
Red Hat Enterprise Linux Server - AUS: 8.4
firefox (Red Hat package): before 115.13.0-3.el8_4
External linkshttp://access.redhat.com/errata/RHSA-2024:4610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU7119
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7679
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to out-of-bounds read within the mod_mime when constructing Content-Type response header. A remote attacker read one byte pas the end of a buffer when sending a malicious Content-Type response header.
Mitigation
Install updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4
Red Hat Enterprise Linux Server - TUS: 8.4
Red Hat Enterprise Linux Server - AUS: 8.4
firefox (Red Hat package): before 115.13.0-3.el8_4
External linkshttp://access.redhat.com/errata/RHSA-2024:4610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
5) NULL pointer dereference
EUVDB-ID: #VU7118
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-7659
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service attack.
The vulnerability exists due to a NULL pointer dereference error within mod_http2. A remote attacker can send a specially crafted HTTP/2 request and crash the affected process.
Successful exploitation of the vulnerability result in denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4
Red Hat Enterprise Linux Server - TUS: 8.4
Red Hat Enterprise Linux Server - AUS: 8.4
firefox (Red Hat package): before 115.13.0-3.el8_4
External linkshttp://access.redhat.com/errata/RHSA-2024:4610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bound read
EUVDB-ID: #VU7117
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-7668
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing token lists within ap_find_token() function. A remote unauthenticated attacker can create a specially crafted sequence of HTTP headers and refer to data past the end of the search string.
Successful exploitation of this vulnerability results segmentation fault and web server crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4
Red Hat Enterprise Linux Server - TUS: 8.4
Red Hat Enterprise Linux Server - AUS: 8.4
firefox (Red Hat package): before 115.13.0-3.el8_4
External linkshttp://access.redhat.com/errata/RHSA-2024:4610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) NULL pointer dereference
EUVDB-ID: #VU7116
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-3169
CWE-ID:
CWE-592 - Authentication Bypass Issues
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform denial of service attack.
The vulnerability exists due to a NULL pointer dereference error within mod_ssl module, when third-party modules call ap_hook_process_connection() function during an HTTP request to an HTTPS port. A remote attacker can send a specially crafted HTTP request and crash the affected web server.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4
Red Hat Enterprise Linux Server - TUS: 8.4
Red Hat Enterprise Linux Server - AUS: 8.4
firefox (Red Hat package): before 115.13.0-3.el8_4
External linkshttp://access.redhat.com/errata/RHSA-2024:4610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
8) Authentication bypass
EUVDB-ID: #VU7115
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-3167
CWE-ID:
CWE-592 - Authentication Bypass Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to usage of the ap_get_basic_auth_pw() function by third-party modules outside of the authentication phase. A remote attacker can create a specially crafted HTTP request to vulnerable web server, bypass authentication requirements and gain unauthorized access to otherwise protected information.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4
Red Hat Enterprise Linux Server - TUS: 8.4
Red Hat Enterprise Linux Server - AUS: 8.4
firefox (Red Hat package): before 115.13.0-3.el8_4
External linkshttp://access.redhat.com/errata/RHSA-2024:4610
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
