CVE-2023-37209

A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained.  This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox < 115.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
mozillafirefox
𝑥
< 115.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
firefox
sid
133.0.3-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
bionic
ignored
focal
Fixed 115.0+build2-0ubuntu0.20.04.3
released
jammy
not-affected
kinetic
ignored
lunar
not-affected
trusty
ignored
xenial
ignored
thunderbird
bionic
ignored
focal
not-affected
jammy
not-affected
kinetic
ignored
lunar
not-affected
trusty
ignored
xenial
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
MozillaFirefox
suse enterprise desktop 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP7
115.0-150200.152.93.1
fixed
suse enterprise sap 12 SP5
115.0-112.165.1
fixed
suse enterprise sap 15 SP2
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP3
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP7
115.0-150200.152.93.1
fixed
suse enterprise server 12 SP2
115.0-112.165.1
fixed
suse enterprise server 12 SP3
115.0-112.165.1
fixed
suse enterprise server 12 SP4
115.0-112.165.1
fixed
suse enterprise server 12 SP5
115.0-112.165.1
fixed
suse enterprise server 15 SP1
115.0-150000.150.91.1
fixed
suse enterprise server 15 SP2
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP3
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP7
115.0-150200.152.93.1
fixed
MozillaFirefox-branding-SLE-115
suse enterprise desktop 15 SP4
150200.9.13.1
fixed
suse enterprise desktop 15 SP5
150200.9.13.1
fixed
suse enterprise desktop 15 SP6
150200.9.13.1
fixed
suse enterprise desktop 15 SP7
150200.9.13.1
fixed
suse enterprise sap 12 SP5
35.12.2
fixed
suse enterprise sap 15 SP2
150200.9.13.1
fixed
suse enterprise sap 15 SP3
150200.9.13.1
fixed
suse enterprise sap 15 SP4
150200.9.13.1
fixed
suse enterprise sap 15 SP5
150200.9.13.1
fixed
suse enterprise sap 15 SP6
150200.9.13.1
fixed
suse enterprise sap 15 SP7
150200.9.13.1
fixed
suse enterprise server 12 SP2
35.12.2
fixed
suse enterprise server 12 SP3
35.12.2
fixed
suse enterprise server 12 SP4
35.12.2
fixed
suse enterprise server 12 SP5
35.12.2
fixed
suse enterprise server 15 SP1
150000.4.25.1
fixed
suse enterprise server 15 SP2
150200.9.13.1
fixed
suse enterprise server 15 SP3
150200.9.13.1
fixed
suse enterprise server 15 SP4
150200.9.13.1
fixed
suse enterprise server 15 SP5
150200.9.13.1
fixed
suse enterprise server 15 SP6
150200.9.13.1
fixed
suse enterprise server 15 SP7
150200.9.13.1
fixed
MozillaFirefox-devel
suse enterprise desktop 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise sap 12 SP5
115.0-112.165.1
fixed
suse enterprise sap 15 SP2
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP3
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise server 12 SP2
115.0-112.165.1
fixed
suse enterprise server 12 SP3
115.0-112.165.1
fixed
suse enterprise server 12 SP4
115.0-112.165.1
fixed
suse enterprise server 12 SP5
115.0-112.165.1
fixed
suse enterprise server 15 SP1
115.0-150000.150.91.1
fixed
suse enterprise server 15 SP2
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP3
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP5
115.0-150200.152.93.1
fixed
MozillaFirefox-translations-common
suse enterprise desktop 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP7
115.0-150200.152.93.1
fixed
suse enterprise sap 12 SP5
115.0-112.165.1
fixed
suse enterprise sap 15 SP2
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP3
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP7
115.0-150200.152.93.1
fixed
suse enterprise server 12 SP2
115.0-112.165.1
fixed
suse enterprise server 12 SP3
115.0-112.165.1
fixed
suse enterprise server 12 SP4
115.0-112.165.1
fixed
suse enterprise server 12 SP5
115.0-112.165.1
fixed
suse enterprise server 15 SP1
115.0-150000.150.91.1
fixed
suse enterprise server 15 SP2
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP3
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP7
115.0-150200.152.93.1
fixed
MozillaFirefox-translations-other
suse enterprise desktop 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise desktop 15 SP7
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP2
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP3
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise sap 15 SP7
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP1
115.0-150000.150.91.1
fixed
suse enterprise server 15 SP2
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP3
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP4
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP5
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP6
115.0-150200.152.93.1
fixed
suse enterprise server 15 SP7
115.0-150200.152.93.1
fixed
Common Weakness Enumeration
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1837993
https://security.gentoo.org/glsa/202401-10
https://www.mozilla.org/security/advisories/mfsa2023-22/
https://bugzilla.mozilla.org/show_bug.cgi?id=1837993
https://security.gentoo.org/glsa/202401-10
https://www.mozilla.org/security/advisories/mfsa2023-22/