Issued:: 2024-07-11
Updated:: 2024-07-11

RHSA-2024:4500 - Security Advisory

Overview
Updated Packages

Synopsis

Important: firefox security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for firefox is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 (CVE-2024-6604)
Mozilla: Race condition in permission assignment (CVE-2024-6601)
Mozilla: Memory corruption in thread creation (CVE-2024-6603)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

BZ - 2296636 - CVE-2024-6601 Mozilla: Race condition in permission assignment
BZ - 2296639 - CVE-2024-6604 Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
x86_64
firefox-115.13.0-3.el9_4.x86_64.rpm	SHA-256: d717645fb0f73e061b5e4662f64c72b9227d180e76c45ead5f9d726e985b57f8
firefox-debuginfo-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 51c53c656ff30b990c7fc7ab40b55e9b605fee12c1918c2bb11d11e7c2573a44
firefox-debugsource-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 2be8ed0b04ce0d1ef00f6c12ae167308fbd9f3d8e10c924f44a8e529c38761e2
firefox-x11-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 17507dbe83b0f2025d1546aa8c6fdd6661a1dd614eccd8251100c0f905cc4596

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
x86_64
firefox-115.13.0-3.el9_4.x86_64.rpm	SHA-256: d717645fb0f73e061b5e4662f64c72b9227d180e76c45ead5f9d726e985b57f8
firefox-debuginfo-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 51c53c656ff30b990c7fc7ab40b55e9b605fee12c1918c2bb11d11e7c2573a44
firefox-debugsource-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 2be8ed0b04ce0d1ef00f6c12ae167308fbd9f3d8e10c924f44a8e529c38761e2
firefox-x11-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 17507dbe83b0f2025d1546aa8c6fdd6661a1dd614eccd8251100c0f905cc4596

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
x86_64
firefox-115.13.0-3.el9_4.x86_64.rpm	SHA-256: d717645fb0f73e061b5e4662f64c72b9227d180e76c45ead5f9d726e985b57f8
firefox-debuginfo-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 51c53c656ff30b990c7fc7ab40b55e9b605fee12c1918c2bb11d11e7c2573a44
firefox-debugsource-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 2be8ed0b04ce0d1ef00f6c12ae167308fbd9f3d8e10c924f44a8e529c38761e2
firefox-x11-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 17507dbe83b0f2025d1546aa8c6fdd6661a1dd614eccd8251100c0f905cc4596

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
s390x
firefox-115.13.0-3.el9_4.s390x.rpm	SHA-256: 943474c36b8d44f90b2ebc4b0e939d3db6ef8b6031f5212e151ba096de53b919
firefox-debuginfo-115.13.0-3.el9_4.s390x.rpm	SHA-256: 79260328bee356090ac18be5335cbe15acbac4480a4f6e2a1e2d34518ebbb201
firefox-debugsource-115.13.0-3.el9_4.s390x.rpm	SHA-256: 7f0cc0669a464fa0f5b2d48303b4b3f000563c2c6ef466d1e95beb6d6edecdf3
firefox-x11-115.13.0-3.el9_4.s390x.rpm	SHA-256: d8e06777f2c9d24533fd70f4866e8021db451605a09901048720017d77381eb2

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
s390x
firefox-115.13.0-3.el9_4.s390x.rpm	SHA-256: 943474c36b8d44f90b2ebc4b0e939d3db6ef8b6031f5212e151ba096de53b919
firefox-debuginfo-115.13.0-3.el9_4.s390x.rpm	SHA-256: 79260328bee356090ac18be5335cbe15acbac4480a4f6e2a1e2d34518ebbb201
firefox-debugsource-115.13.0-3.el9_4.s390x.rpm	SHA-256: 7f0cc0669a464fa0f5b2d48303b4b3f000563c2c6ef466d1e95beb6d6edecdf3
firefox-x11-115.13.0-3.el9_4.s390x.rpm	SHA-256: d8e06777f2c9d24533fd70f4866e8021db451605a09901048720017d77381eb2

Red Hat Enterprise Linux for Power, little endian 9

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
ppc64le
firefox-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 5f3d6184c456f20b2c38f37b8253675740165394e1cadd539db37cd310bb6225
firefox-debuginfo-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 7c7c7cb46771672dcb76b9f5b154f89ffc703d23547b9cec5054b42b41b8c6c6
firefox-debugsource-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 3a7bfb1636dc77f65af1f93e95dfbd553c6de65145f42a68e61f73d1d271d8c9
firefox-x11-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 14b49cc794264662a6facd00d8bc392ef0e35267a61dd150abdb814908faa09c

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
ppc64le
firefox-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 5f3d6184c456f20b2c38f37b8253675740165394e1cadd539db37cd310bb6225
firefox-debuginfo-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 7c7c7cb46771672dcb76b9f5b154f89ffc703d23547b9cec5054b42b41b8c6c6
firefox-debugsource-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 3a7bfb1636dc77f65af1f93e95dfbd553c6de65145f42a68e61f73d1d271d8c9
firefox-x11-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 14b49cc794264662a6facd00d8bc392ef0e35267a61dd150abdb814908faa09c

Red Hat Enterprise Linux for ARM 64 9

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
aarch64
firefox-115.13.0-3.el9_4.aarch64.rpm	SHA-256: eba78748cde02f06b7d23b18c0434278be0c9f2884f38563517447ea74aab4ff
firefox-debuginfo-115.13.0-3.el9_4.aarch64.rpm	SHA-256: c531163d765e8c4f43186358fc94fcc5b58b119f3ce09e91de005904cd02bf76
firefox-debugsource-115.13.0-3.el9_4.aarch64.rpm	SHA-256: 51379f2ff2a2724e012c76a7cf24bba6ca4b4c0d419422b134ea3c0e1f36120f
firefox-x11-115.13.0-3.el9_4.aarch64.rpm	SHA-256: 4e939efec3d6d62e22cf146f7d99180942bb772ec80002001af86b18ecde0c6c

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
aarch64
firefox-115.13.0-3.el9_4.aarch64.rpm	SHA-256: eba78748cde02f06b7d23b18c0434278be0c9f2884f38563517447ea74aab4ff
firefox-debuginfo-115.13.0-3.el9_4.aarch64.rpm	SHA-256: c531163d765e8c4f43186358fc94fcc5b58b119f3ce09e91de005904cd02bf76
firefox-debugsource-115.13.0-3.el9_4.aarch64.rpm	SHA-256: 51379f2ff2a2724e012c76a7cf24bba6ca4b4c0d419422b134ea3c0e1f36120f
firefox-x11-115.13.0-3.el9_4.aarch64.rpm	SHA-256: 4e939efec3d6d62e22cf146f7d99180942bb772ec80002001af86b18ecde0c6c

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
ppc64le
firefox-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 5f3d6184c456f20b2c38f37b8253675740165394e1cadd539db37cd310bb6225
firefox-debuginfo-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 7c7c7cb46771672dcb76b9f5b154f89ffc703d23547b9cec5054b42b41b8c6c6
firefox-debugsource-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 3a7bfb1636dc77f65af1f93e95dfbd553c6de65145f42a68e61f73d1d271d8c9
firefox-x11-115.13.0-3.el9_4.ppc64le.rpm	SHA-256: 14b49cc794264662a6facd00d8bc392ef0e35267a61dd150abdb814908faa09c

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
x86_64
firefox-115.13.0-3.el9_4.x86_64.rpm	SHA-256: d717645fb0f73e061b5e4662f64c72b9227d180e76c45ead5f9d726e985b57f8
firefox-debuginfo-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 51c53c656ff30b990c7fc7ab40b55e9b605fee12c1918c2bb11d11e7c2573a44
firefox-debugsource-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 2be8ed0b04ce0d1ef00f6c12ae167308fbd9f3d8e10c924f44a8e529c38761e2
firefox-x11-115.13.0-3.el9_4.x86_64.rpm	SHA-256: 17507dbe83b0f2025d1546aa8c6fdd6661a1dd614eccd8251100c0f905cc4596

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
aarch64
firefox-115.13.0-3.el9_4.aarch64.rpm	SHA-256: eba78748cde02f06b7d23b18c0434278be0c9f2884f38563517447ea74aab4ff
firefox-debuginfo-115.13.0-3.el9_4.aarch64.rpm	SHA-256: c531163d765e8c4f43186358fc94fcc5b58b119f3ce09e91de005904cd02bf76
firefox-debugsource-115.13.0-3.el9_4.aarch64.rpm	SHA-256: 51379f2ff2a2724e012c76a7cf24bba6ca4b4c0d419422b134ea3c0e1f36120f
firefox-x11-115.13.0-3.el9_4.aarch64.rpm	SHA-256: 4e939efec3d6d62e22cf146f7d99180942bb772ec80002001af86b18ecde0c6c

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
firefox-115.13.0-3.el9_4.src.rpm	SHA-256: cf9b1efdc3a1adcf286caf2c2112a5a67b3702419e31f4d171ab8eb20053941c
s390x
firefox-115.13.0-3.el9_4.s390x.rpm	SHA-256: 943474c36b8d44f90b2ebc4b0e939d3db6ef8b6031f5212e151ba096de53b919
firefox-debuginfo-115.13.0-3.el9_4.s390x.rpm	SHA-256: 79260328bee356090ac18be5335cbe15acbac4480a4f6e2a1e2d34518ebbb201
firefox-debugsource-115.13.0-3.el9_4.s390x.rpm	SHA-256: 7f0cc0669a464fa0f5b2d48303b4b3f000563c2c6ef466d1e95beb6d6edecdf3
firefox-x11-115.13.0-3.el9_4.s390x.rpm	SHA-256: d8e06777f2c9d24533fd70f4866e8021db451605a09901048720017d77381eb2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation