Vulnerability CVE-2024-1550: Information
Description
A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| firefox | sisyphus | 123.0-alt1 | 125.0.2-alt1 | ALT-PU-2024-2933-1 | 341362 | Fixed |
| firefox | sisyphus_riscv64 | 123.0-alt0.port | 124.0.1-alt0.port | ALT-PU-2024-3300-1 | - | Fixed |
| firefox | sisyphus_loongarch64 | 123.0-alt1.0.port | 125.0.1-alt1.0.port | ALT-PU-2024-3000-1 | - | Fixed |
| firefox-esr | sisyphus | 115.8.0-alt1 | 115.10.0-alt1 | ALT-PU-2024-2827-2 | 341225 | Fixed |
| firefox-esr | sisyphus_loongarch64 | 115.8.0-alt1 | 115.10.0-alt1 | ALT-PU-2024-2999-1 | - | Fixed |
| firefox-esr | p10 | 115.8.0-alt1 | 115.10.0-alt1 | ALT-PU-2024-2835-2 | 341263 | Fixed |
| firefox-esr | c10f1 | 115.8.0-alt0.c10.1 | 115.9.1-alt0.c10.1 | ALT-PU-2024-3614-2 | 340631 | Fixed |
| thunderbird | sisyphus | 115.8.0-alt1 | 115.9.0-alt1 | ALT-PU-2024-2870-2 | 341315 | Fixed |
| thunderbird | sisyphus_loongarch64 | 115.8.0-alt1 | 115.9.0-alt1 | ALT-PU-2024-3069-1 | - | Fixed |
| thunderbird | p10 | 115.8.1-alt1 | 115.9.0-alt1 | ALT-PU-2024-3860-2 | 342581 | Fixed |
| thunderbird | c10f1 | 115.8.1-alt0.c10.1 | 115.9.0-alt0.c10.1 | ALT-PU-2024-4748-2 | 343092 | Fixed |