Bugzilla – Bug 1029822
VUL-0: CVE-2017-5428: MozillaFirefox: overflow in createImageBitmap (MFSA 2017-08)
Last modified: 2022-02-13 10:58:26 UTC
There is a "chemspill" release planned for Firefox 52 because of Pwn2Own. Draft advisory: ## mfsa2017-08.yml announced: March 17, 2017 impact: critical fixed_in: - Firefox 52.0.1 - Firefox ESR 52.0.1 title: integer overflow in createImageBitmap() advisories: CVE-2017-5428: title: integer overflow in createImageBitmap() impact: critical reporter: Chaitin Security Research Lab via Trend Micro's Zero Day Initiative description: | An integer overflow in <code>createImageBitmap()</code> reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental <code>createImageBitmap</code> API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. bugs: - url: 1348168 Seems the code/revision is not yet available. I will submit later today once it hopefully appears.
Hm, they could put there a note on whether 45 is affected or not...
Wolfgang, any chance you could cc me on the upstream bug so that I could check whether we'll need to patch 45 as well?
Not even I have access to that bug but on the sec-list it was confirmed that 45 is NOT affected.
Perfect, thanks!
https://hg.mozilla.org/releases/mozilla-release/rev/2f2b4a119565
Public at https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/#CVE-2017-5428 integer overflow in createImageBitmap() Announced: March 17, 2017 Impact: critical Products Firefox, Firefox ESR Fixed in Firefox 52.0.1, Firefox ESR 52.0.1 #CVE-2017-5428: integer overflow in createImageBitmap() Reporter: Chaitin Security Research Lab via Trend Micro's Zero Day Initiative Impact: critical Description An integer overflow in createImageBitmap() was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the createImageBitmap API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. References https://bugzilla.mozilla.org/show_bug.cgi?id=1348168
This is an autogenerated message for OBS integration: This bug (1029822) was mentioned in https://build.opensuse.org/request/show/480954 42.2 / MozillaFirefox https://build.opensuse.org/request/show/480955 42.1 / MozillaFirefox
This is an autogenerated message for OBS integration: This bug (1029822) was mentioned in https://build.opensuse.org/request/show/481063 Factory / MozillaFirefox
This is an autogenerated message for OBS integration: This bug (1029822) was mentioned in https://build.opensuse.org/request/show/481401 Factory / MozillaFirefox
released for Leap, submitted for Factory
This is an autogenerated message for OBS integration: This bug (1029822) was mentioned in https://build.opensuse.org/request/show/481555 Factory / MozillaFirefox
openSUSE-SU-2017:0765-1: An update that fixes one vulnerability is now available. Category: security (important) Bug References: 1029822 CVE References: CVE-2017-5428 Sources used: openSUSE Leap 42.2 (src): MozillaFirefox-52.0.1-57.3.1 openSUSE Leap 42.1 (src): MozillaFirefox-52.0.1-58.1