Vulnerability CVE-2025-1943: Information

Description

Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136 and Thunderbird < 136.

URL: https://nvd.nist.gov/vuln/detail/CVE-2025-1943
Published: March 4, 2025
Modified: March 5, 2025

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus136.0-alt1136.0.2-alt1ALT-PU-2025-4104-2376916Fixed
firefoxsisyphus_loongarch64136.0.1-alt0.port136.0.1-alt0.portALT-PU-2025-4467-1-Fixed
firefoxp11136.0.2-alt1135.0.1-alt1ALT-PU-2025-4567-1378599Testing
thunderbirdsisyphus136.0-alt1136.0-alt1ALT-PU-2025-4378-2378178Fixed
thunderbirdsisyphus_riscv64136.0-alt1136.0-alt1ALT-PU-2025-4408-1-Fixed
thunderbirdsisyphus_loongarch64136.0-alt1136.0-alt1ALT-PU-2025-4395-1-Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
Memory safety bugs fixed in Firefox 136 and Thunderbird 136
    https://www.mozilla.org/security/advisories/mfsa2025-14/
      https://www.mozilla.org/security/advisories/mfsa2025-17/
        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
        Version: v25.2.1
        Back to top