[ASA-201808-8] thunderbird: multiple issues
Chris.Rebischke at archlinux.org
Mon Aug 13 18:28:26 UTC 2018
Arch Linux Security Advisory ASA-201808-8
Date : 2018-08-10
CVE-ID : CVE-2018-5156 CVE-2018-5187 CVE-2018-12361 CVE-2018-12367
Package : thunderbird
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-751
The package thunderbird before version 60.0-1 is vulnerable to multiple
issues including arbitrary code execution and information disclosure.
Upgrade to 60.0-1.
# pacman -Syu "thunderbird>=60.0-1"
The problems have been fixed upstream in version 60.0.
- CVE-2018-5156 (arbitrary code execution)
A vulnerability can occur in Firefox before 61.0 and Thunderbird
before 60.0 when capturing a media stream when the media source type is
changed as the capture is occurring. This can result in stream data
being cast to the wrong type causing a potentially exploitable crash.
- CVE-2018-5187 (arbitrary code execution)
Several memory safety bugs have been found in Firefox before 61.0 and
Thunderbird before 60.0. Some of these bugs showed evidence of memory
corruption and Mozilla presumes that with enough effort some of these
could be exploited to run arbitrary code.
- CVE-2018-12361 (arbitrary code execution)
An integer overflow can occur in Firefox before 61.0 and Thunderbird
before 60.0 in the SwizzleData code while calculating buffer sizes. The
overflowed value is used for subsequent graphics computations when
their inputs are not sanitized which results in a potentially
- CVE-2018-12367 (information disclosure)
A security issue has been found in Firefox before 61.0 and Thunderbird
before 60.0. In the previous mitigations for Spectre, the resolution or
precision of various methods was reduced to counteract the ability to
measure precise time intervals. In that work,
PerformanceNavigationTiming was not adjusted but it was found that it
could be used as a precision timer.
- CVE-2018-12371 (arbitrary code execution)
An integer overflow vulnerability has been found in the Skia library
shipped with Firefox before 61.0 and Thunderbird before 60.0, when
allocating memory for edge builders on some systems with at least 16 GB
of RAM. This results in the use of uninitialized memory, resulting in a
potentially exploitable crash.
A remote attacker is able to execute arbitrary code or gain information
about the Spectre mitigations.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the arch-security