Vulnerability CVE-2020-15656: Information
Description
JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
firefox | sisyphus | 79.0-alt1 | 125.0.2-alt1 | ALT-PU-2020-2598-1 | 256176 | Fixed |
firefox | p10 | 79.0-alt1 | 118.0.2-alt0.p10.1 | ALT-PU-2020-2598-1 | 256176 | Fixed |
firefox | p9 | 80.0.1-alt0.1.p9 | 105.0.1-alt0.c9.1 | ALT-PU-2020-3442-1 | 262506 | Fixed |
firefox | c10f1 | 79.0-alt1 | 112.0.2-alt0.p10.1 | ALT-PU-2020-2598-1 | 256176 | Fixed |
firefox | c9f2 | 93.0-alt0.p9.1 | 105.0.1-alt0.c9.1 | ALT-PU-2021-3368-1 | 288792 | Fixed |
firefox-esr | sisyphus | 78.1.0-alt1 | 115.10.0-alt1 | ALT-PU-2020-2466-1 | 255488 | Fixed |
firefox-esr | p10 | 91.1.0-alt1 | 115.10.0-alt1 | ALT-PU-2021-2881-1 | 284980 | Fixed |
firefox-esr | p9 | 78.3.0-alt0.1.p9 | 102.11.0-alt0.c9.1 | ALT-PU-2020-2933-1 | 254920 | Fixed |
firefox-esr | c10f1 | 91.1.0-alt1 | 115.9.1-alt0.c10.1 | ALT-PU-2021-2881-1 | 284980 | Fixed |
firefox-esr | c9f2 | 91.3.0-alt1.c9.1 | 102.12.0-alt0.c9.1 | ALT-PU-2021-3369-1 | 288792 | Fixed |
thunderbird | sisyphus | 78.1.1-alt1 | 115.9.0-alt1 | ALT-PU-2020-2709-1 | 256264 | Fixed |
thunderbird | p10 | 78.1.1-alt1 | 115.9.0-alt1 | ALT-PU-2020-2709-1 | 256264 | Fixed |
thunderbird | p9 | 78.3.1-alt1 | 102.11.0-alt0.c9.1 | ALT-PU-2020-2934-1 | 254920 | Fixed |
thunderbird | c10f1 | 78.1.1-alt1 | 115.9.0-alt0.c10.1 | ALT-PU-2020-2709-1 | 256264 | Fixed |
thunderbird | c9f2 | 78.7.0-alt0.1.c9 | 102.11.0-alt0.c9.1 | ALT-PU-2021-1369-1 | 264611 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://www.mozilla.org/security/advisories/mfsa2020-32/ |
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1647293 |
|
https://www.mozilla.org/security/advisories/mfsa2020-30/ |
|
https://www.mozilla.org/security/advisories/mfsa2020-33/ |
|
openSUSE-SU-2020:1189 |
|
USN-4443-1 |
|