CVE-2024-5700
Publication date 11 June 2024
Last updated 24 July 2024
Ubuntu priority
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| firefox | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Fixed 127.0.2+build1-0ubuntu0.20.04.1
|
|
| mozjs102 | 24.04 LTS noble | Ignored |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| mozjs38 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| mozjs52 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| 18.04 LTS bionic | Ignored | |
| mozjs68 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| mozjs78 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| mozjs91 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| thunderbird | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 1:115.12.0+build3-0ubuntu0.22.04.1
|
|
| 20.04 LTS focal |
Fixed 1:115.12.0+build3-0ubuntu0.20.04.1
|
Notes
References
Related Ubuntu Security Notices (USN)
- USN-6840-1
- Thunderbird vulnerabilities
- 19 June 2024
- USN-6862-1
- Firefox vulnerabilities
- 3 July 2024