概述
Important: firefox security update
类型/严重性
Security Advisory: Important
标题
An update for firefox is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
- firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 (CVE-2025-14333)
- firefox: Use-after-free in the WebRTC: Signaling component (CVE-2025-14321)
- firefox: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2025-14325)
- firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component (CVE-2025-14322)
- firefox: Privilege escalation in the Netmonitor component (CVE-2025-14328)
- firefox: Privilege escalation in the Netmonitor component (CVE-2025-14329)
- firefox: Same-origin policy bypass in the Request Handling component (CVE-2025-14331)
- firefox: Privilege escalation in the DOM: Notifications component (CVE-2025-14323)
- firefox: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2025-14330)
- firefox: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2025-14324)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x
修复
-
BZ - 2420502
- CVE-2025-14333 firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146
-
BZ - 2420503
- CVE-2025-14321 firefox: Use-after-free in the WebRTC: Signaling component
-
BZ - 2420504
- CVE-2025-14325 firefox: JIT miscompilation in the JavaScript Engine: JIT component
-
BZ - 2420506
- CVE-2025-14322 firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
-
BZ - 2420508
- CVE-2025-14328 firefox: Privilege escalation in the Netmonitor component
-
BZ - 2420509
- CVE-2025-14329 firefox: Privilege escalation in the Netmonitor component
-
BZ - 2420512
- CVE-2025-14331 firefox: Same-origin policy bypass in the Request Handling component
-
BZ - 2420513
- CVE-2025-14323 firefox: Privilege escalation in the DOM: Notifications component
-
BZ - 2420516
- CVE-2025-14330 firefox: JIT miscompilation in the JavaScript Engine: JIT component
-
BZ - 2420517
- CVE-2025-14324 firefox: JIT miscompilation in the JavaScript Engine: JIT component
备注:
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| x86_64 |
|
firefox-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 50a33e1669e62b2f308bdd1d5e5b5a182df7cd248a2ebe9c7853ad7e5a1d3514 |
|
firefox-debuginfo-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 4c274fbf2586e36aa0696b990ed59da6089d6546f1f33a1970379c1046fb3835 |
|
firefox-debugsource-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 4c073845916b75ef0ef2c0a97df5b7af31dd12fba3f13f8bd1d78f9203e38df4 |
|
firefox-x11-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: f2acc9dfe34fe3ba39473ba630acaccdf8af3fb24e7cc4a01a2d9ac26a193d80 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| x86_64 |
|
firefox-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 50a33e1669e62b2f308bdd1d5e5b5a182df7cd248a2ebe9c7853ad7e5a1d3514 |
|
firefox-debuginfo-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 4c274fbf2586e36aa0696b990ed59da6089d6546f1f33a1970379c1046fb3835 |
|
firefox-debugsource-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 4c073845916b75ef0ef2c0a97df5b7af31dd12fba3f13f8bd1d78f9203e38df4 |
|
firefox-x11-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: f2acc9dfe34fe3ba39473ba630acaccdf8af3fb24e7cc4a01a2d9ac26a193d80 |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| s390x |
|
firefox-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 3b682e79ba306e8ab6526a7164b73705e4503673687046097404de1983919c6e |
|
firefox-debuginfo-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 46e409ac34f64e444f3e6430bd303564c3120747e074047b07004aecfb0a9556 |
|
firefox-debugsource-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 3fb86033fc3bd61a76dd2ef15bbcd1d4fe1326e9daeb2c6575835c0980a33af9 |
|
firefox-x11-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 0b03f92641232e0472d081363ee0636b8483448a2eaae3980707bb2add6eaa65 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| s390x |
|
firefox-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 3b682e79ba306e8ab6526a7164b73705e4503673687046097404de1983919c6e |
|
firefox-debuginfo-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 46e409ac34f64e444f3e6430bd303564c3120747e074047b07004aecfb0a9556 |
|
firefox-debugsource-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 3fb86033fc3bd61a76dd2ef15bbcd1d4fe1326e9daeb2c6575835c0980a33af9 |
|
firefox-x11-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 0b03f92641232e0472d081363ee0636b8483448a2eaae3980707bb2add6eaa65 |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| ppc64le |
|
firefox-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: 08f166cfa60337dd71ba1f3f78df48d51700e7eecdd923f15e8c03b6b9164703 |
|
firefox-debuginfo-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: c9cd8fd4a5bfd223f6dd24131228ea2353eaaf21ac2717b3796170e66b1cd39a |
|
firefox-debugsource-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b11e88fc7b164d889d9626f7d7a45330eb2885776c1259ee6cfdbe5292aa624a |
|
firefox-x11-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: ade7816a4ae525dfe51451896ef710b44c649a33f3eda82fc918007e36b57239 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| ppc64le |
|
firefox-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: 08f166cfa60337dd71ba1f3f78df48d51700e7eecdd923f15e8c03b6b9164703 |
|
firefox-debuginfo-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: c9cd8fd4a5bfd223f6dd24131228ea2353eaaf21ac2717b3796170e66b1cd39a |
|
firefox-debugsource-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b11e88fc7b164d889d9626f7d7a45330eb2885776c1259ee6cfdbe5292aa624a |
|
firefox-x11-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: ade7816a4ae525dfe51451896ef710b44c649a33f3eda82fc918007e36b57239 |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| aarch64 |
|
firefox-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: e2c41e1136adc898e67335e7e676e315a4cbd4f69055ef44919a4dc2f2d57c9c |
|
firefox-debuginfo-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: ed109da6701f61678660721c751152c744a439726144dd808a35fffabc781fe2 |
|
firefox-debugsource-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: bdae5b7cb8687f6f48840d9cd78915e7e810c395a21a634c468253fe38b1c98d |
|
firefox-x11-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: c4d27abf0ae939b5fa2eed0faf81f65736593581d4f217c95ccc86a06a0e8a6c |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| aarch64 |
|
firefox-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: e2c41e1136adc898e67335e7e676e315a4cbd4f69055ef44919a4dc2f2d57c9c |
|
firefox-debuginfo-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: ed109da6701f61678660721c751152c744a439726144dd808a35fffabc781fe2 |
|
firefox-debugsource-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: bdae5b7cb8687f6f48840d9cd78915e7e810c395a21a634c468253fe38b1c98d |
|
firefox-x11-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: c4d27abf0ae939b5fa2eed0faf81f65736593581d4f217c95ccc86a06a0e8a6c |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| ppc64le |
|
firefox-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: 08f166cfa60337dd71ba1f3f78df48d51700e7eecdd923f15e8c03b6b9164703 |
|
firefox-debuginfo-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: c9cd8fd4a5bfd223f6dd24131228ea2353eaaf21ac2717b3796170e66b1cd39a |
|
firefox-debugsource-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b11e88fc7b164d889d9626f7d7a45330eb2885776c1259ee6cfdbe5292aa624a |
|
firefox-x11-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: ade7816a4ae525dfe51451896ef710b44c649a33f3eda82fc918007e36b57239 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| x86_64 |
|
firefox-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 50a33e1669e62b2f308bdd1d5e5b5a182df7cd248a2ebe9c7853ad7e5a1d3514 |
|
firefox-debuginfo-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 4c274fbf2586e36aa0696b990ed59da6089d6546f1f33a1970379c1046fb3835 |
|
firefox-debugsource-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 4c073845916b75ef0ef2c0a97df5b7af31dd12fba3f13f8bd1d78f9203e38df4 |
|
firefox-x11-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: f2acc9dfe34fe3ba39473ba630acaccdf8af3fb24e7cc4a01a2d9ac26a193d80 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| aarch64 |
|
firefox-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: e2c41e1136adc898e67335e7e676e315a4cbd4f69055ef44919a4dc2f2d57c9c |
|
firefox-debuginfo-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: ed109da6701f61678660721c751152c744a439726144dd808a35fffabc781fe2 |
|
firefox-debugsource-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: bdae5b7cb8687f6f48840d9cd78915e7e810c395a21a634c468253fe38b1c98d |
|
firefox-x11-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: c4d27abf0ae939b5fa2eed0faf81f65736593581d4f217c95ccc86a06a0e8a6c |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| s390x |
|
firefox-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 3b682e79ba306e8ab6526a7164b73705e4503673687046097404de1983919c6e |
|
firefox-debuginfo-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 46e409ac34f64e444f3e6430bd303564c3120747e074047b07004aecfb0a9556 |
|
firefox-debugsource-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 3fb86033fc3bd61a76dd2ef15bbcd1d4fe1326e9daeb2c6575835c0980a33af9 |
|
firefox-x11-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 0b03f92641232e0472d081363ee0636b8483448a2eaae3980707bb2add6eaa65 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| x86_64 |
|
firefox-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 50a33e1669e62b2f308bdd1d5e5b5a182df7cd248a2ebe9c7853ad7e5a1d3514 |
|
firefox-debuginfo-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 4c274fbf2586e36aa0696b990ed59da6089d6546f1f33a1970379c1046fb3835 |
|
firefox-debugsource-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 4c073845916b75ef0ef2c0a97df5b7af31dd12fba3f13f8bd1d78f9203e38df4 |
|
firefox-x11-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: f2acc9dfe34fe3ba39473ba630acaccdf8af3fb24e7cc4a01a2d9ac26a193d80 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| aarch64 |
|
firefox-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: e2c41e1136adc898e67335e7e676e315a4cbd4f69055ef44919a4dc2f2d57c9c |
|
firefox-debuginfo-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: ed109da6701f61678660721c751152c744a439726144dd808a35fffabc781fe2 |
|
firefox-debugsource-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: bdae5b7cb8687f6f48840d9cd78915e7e810c395a21a634c468253fe38b1c98d |
|
firefox-x11-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: c4d27abf0ae939b5fa2eed0faf81f65736593581d4f217c95ccc86a06a0e8a6c |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| ppc64le |
|
firefox-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: 08f166cfa60337dd71ba1f3f78df48d51700e7eecdd923f15e8c03b6b9164703 |
|
firefox-debuginfo-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: c9cd8fd4a5bfd223f6dd24131228ea2353eaaf21ac2717b3796170e66b1cd39a |
|
firefox-debugsource-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b11e88fc7b164d889d9626f7d7a45330eb2885776c1259ee6cfdbe5292aa624a |
|
firefox-x11-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: ade7816a4ae525dfe51451896ef710b44c649a33f3eda82fc918007e36b57239 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8
| SRPM |
|
firefox-140.6.0-1.el9_7.src.rpm
|
SHA-256: 9e1ed212ecb0bd3f6961c95cb2b92dcf1bfbf42731f912620c3153a1923c0a6a |
| s390x |
|
firefox-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 3b682e79ba306e8ab6526a7164b73705e4503673687046097404de1983919c6e |
|
firefox-debuginfo-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 46e409ac34f64e444f3e6430bd303564c3120747e074047b07004aecfb0a9556 |
|
firefox-debugsource-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 3fb86033fc3bd61a76dd2ef15bbcd1d4fe1326e9daeb2c6575835c0980a33af9 |
|
firefox-x11-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: 0b03f92641232e0472d081363ee0636b8483448a2eaae3980707bb2add6eaa65 |
