概述
Important: firefox security update
类型/严重性
Security Advisory: Important
Red Hat Lightspeed patch analysis
标题
An update for firefox is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
- thunderbird: firefox: Memory safety bugs (CVE-2025-11714)
- thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures (CVE-2025-11709)
- thunderbird: firefox: Cross-process information leaked due to malicious IPC messages (CVE-2025-11710)
- thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance() (CVE-2025-11708)
- thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type (CVE-2025-11712)
- thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 (CVE-2025-11715)
- thunderbird: firefox: Some non-writable Object properties could be modified (CVE-2025-11711)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
修复
-
BZ - 2403763
- CVE-2025-11714 thunderbird: firefox: Memory safety bugs
-
BZ - 2403765
- CVE-2025-11709 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textures
-
BZ - 2403768
- CVE-2025-11710 thunderbird: firefox: Cross-process information leaked due to malicious IPC messages
-
BZ - 2403769
- CVE-2025-11708 thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()
-
BZ - 2403770
- CVE-2025-11712 thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
-
BZ - 2403774
- CVE-2025-11715 thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
-
BZ - 2403776
- CVE-2025-11711 thunderbird: firefox: Some non-writable Object properties could be modified
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| x86_64 |
|
firefox-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 9bf523776731b36aa25d12520d1e8d1e75629b12e2fe4eeccfc302dfc879d3e9 |
|
firefox-debuginfo-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 1d2479849d5fe88380c6724ffedc78ce991248bc4176c905ada30235b8cac1f4 |
|
firefox-debugsource-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 287155855f60311f3896d502b874f3b8dccfb6d346df251bbabc67de729111ec |
|
firefox-x11-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: ebbf4774b589369c8fe048ddb8b7805b2a25311beca3f374c00e212b690ba7e9 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| x86_64 |
|
firefox-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 9bf523776731b36aa25d12520d1e8d1e75629b12e2fe4eeccfc302dfc879d3e9 |
|
firefox-debuginfo-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 1d2479849d5fe88380c6724ffedc78ce991248bc4176c905ada30235b8cac1f4 |
|
firefox-debugsource-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 287155855f60311f3896d502b874f3b8dccfb6d346df251bbabc67de729111ec |
|
firefox-x11-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: ebbf4774b589369c8fe048ddb8b7805b2a25311beca3f374c00e212b690ba7e9 |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| x86_64 |
|
firefox-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 9bf523776731b36aa25d12520d1e8d1e75629b12e2fe4eeccfc302dfc879d3e9 |
|
firefox-debuginfo-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 1d2479849d5fe88380c6724ffedc78ce991248bc4176c905ada30235b8cac1f4 |
|
firefox-debugsource-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 287155855f60311f3896d502b874f3b8dccfb6d346df251bbabc67de729111ec |
|
firefox-x11-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: ebbf4774b589369c8fe048ddb8b7805b2a25311beca3f374c00e212b690ba7e9 |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| s390x |
|
firefox-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 3bb9c044637217423d3bea6d63ba6be343f1d507332383f22c433713bcd3132b |
|
firefox-debuginfo-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: f9ff6d2dd8bad0b8fce18bcdaf84bde12eb0b9c10abac380c39bf5448935a0ea |
|
firefox-debugsource-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 3edb646e9a072e2f5f908686c7e6300650d393e2a34d824473c341e85e0c0c3b |
|
firefox-x11-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 63a279b83d1d5ec36de627dc111e34cc616e30ff9edf58126a1e0a7d392b49dc |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| s390x |
|
firefox-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 3bb9c044637217423d3bea6d63ba6be343f1d507332383f22c433713bcd3132b |
|
firefox-debuginfo-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: f9ff6d2dd8bad0b8fce18bcdaf84bde12eb0b9c10abac380c39bf5448935a0ea |
|
firefox-debugsource-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 3edb646e9a072e2f5f908686c7e6300650d393e2a34d824473c341e85e0c0c3b |
|
firefox-x11-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 63a279b83d1d5ec36de627dc111e34cc616e30ff9edf58126a1e0a7d392b49dc |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| ppc64le |
|
firefox-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 4d1c944d85d861ac49a27fb2013d11d1a8c50e43c169b63b7c7de26b854e5035 |
|
firefox-debuginfo-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 1a1b9a2ce678fc92a59ea93f31c0fee309de2cd70f3170c6ff8c141270293324 |
|
firefox-debugsource-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 255de385cb5e862eda945d766170da1f88a34ff764d271d168b0d70a22f5497c |
|
firefox-x11-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: a3b6b85bd88a562560f9ea116d16d28490f342739c539f9da8b6bb29b15d954f |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| ppc64le |
|
firefox-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 4d1c944d85d861ac49a27fb2013d11d1a8c50e43c169b63b7c7de26b854e5035 |
|
firefox-debuginfo-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 1a1b9a2ce678fc92a59ea93f31c0fee309de2cd70f3170c6ff8c141270293324 |
|
firefox-debugsource-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 255de385cb5e862eda945d766170da1f88a34ff764d271d168b0d70a22f5497c |
|
firefox-x11-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: a3b6b85bd88a562560f9ea116d16d28490f342739c539f9da8b6bb29b15d954f |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| aarch64 |
|
firefox-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: d813ab3b71f2d60ac4dfd9084311d2d40c089a768f750d5acef91f449921fb3d |
|
firefox-debuginfo-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 22a2984655e3f67201611afb92c7afc2b89870dbb17efc4ef7011f08ef01a84c |
|
firefox-debugsource-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 9d8e5c0a9c45de749f9947dc6e2e6896af7c675dc428089fc6f9ca2460feb694 |
|
firefox-x11-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 230ab56bd063af8953841a8d9155426d4a4917c19ab7bee85834795896693ed7 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| aarch64 |
|
firefox-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: d813ab3b71f2d60ac4dfd9084311d2d40c089a768f750d5acef91f449921fb3d |
|
firefox-debuginfo-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 22a2984655e3f67201611afb92c7afc2b89870dbb17efc4ef7011f08ef01a84c |
|
firefox-debugsource-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 9d8e5c0a9c45de749f9947dc6e2e6896af7c675dc428089fc6f9ca2460feb694 |
|
firefox-x11-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 230ab56bd063af8953841a8d9155426d4a4917c19ab7bee85834795896693ed7 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| ppc64le |
|
firefox-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 4d1c944d85d861ac49a27fb2013d11d1a8c50e43c169b63b7c7de26b854e5035 |
|
firefox-debuginfo-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 1a1b9a2ce678fc92a59ea93f31c0fee309de2cd70f3170c6ff8c141270293324 |
|
firefox-debugsource-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: 255de385cb5e862eda945d766170da1f88a34ff764d271d168b0d70a22f5497c |
|
firefox-x11-140.4.0-3.el9_6.ppc64le.rpm
|
SHA-256: a3b6b85bd88a562560f9ea116d16d28490f342739c539f9da8b6bb29b15d954f |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| x86_64 |
|
firefox-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 9bf523776731b36aa25d12520d1e8d1e75629b12e2fe4eeccfc302dfc879d3e9 |
|
firefox-debuginfo-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 1d2479849d5fe88380c6724ffedc78ce991248bc4176c905ada30235b8cac1f4 |
|
firefox-debugsource-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: 287155855f60311f3896d502b874f3b8dccfb6d346df251bbabc67de729111ec |
|
firefox-x11-140.4.0-3.el9_6.x86_64.rpm
|
SHA-256: ebbf4774b589369c8fe048ddb8b7805b2a25311beca3f374c00e212b690ba7e9 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| aarch64 |
|
firefox-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: d813ab3b71f2d60ac4dfd9084311d2d40c089a768f750d5acef91f449921fb3d |
|
firefox-debuginfo-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 22a2984655e3f67201611afb92c7afc2b89870dbb17efc4ef7011f08ef01a84c |
|
firefox-debugsource-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 9d8e5c0a9c45de749f9947dc6e2e6896af7c675dc428089fc6f9ca2460feb694 |
|
firefox-x11-140.4.0-3.el9_6.aarch64.rpm
|
SHA-256: 230ab56bd063af8953841a8d9155426d4a4917c19ab7bee85834795896693ed7 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
firefox-140.4.0-3.el9_6.src.rpm
|
SHA-256: 5f5eb3d1014a7a422d8535bf77678a3bba31d82e3a401cfe3200746e94be6760 |
| s390x |
|
firefox-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 3bb9c044637217423d3bea6d63ba6be343f1d507332383f22c433713bcd3132b |
|
firefox-debuginfo-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: f9ff6d2dd8bad0b8fce18bcdaf84bde12eb0b9c10abac380c39bf5448935a0ea |
|
firefox-debugsource-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 3edb646e9a072e2f5f908686c7e6300650d393e2a34d824473c341e85e0c0c3b |
|
firefox-x11-140.4.0-3.el9_6.s390x.rpm
|
SHA-256: 63a279b83d1d5ec36de627dc111e34cc616e30ff9edf58126a1e0a7d392b49dc |
