Upstream information

CVE-2021-29970 at MITRE

Description

A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.

SUSE information

Overall state of this security issue: Analysis

This issue is currently rated as having important severity.

SUSE Bugzilla entry: 1188275 [NEW]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
HPE Helion Openstack 8
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
HPE-Helion-OpenStack-8-2021-2389
SUSE CaaS Platform 4.0
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SUSE-CAASP-4.0-2021-2478
SUSE Enterprise Storage 6
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-Storage-6-2021-2478
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-2478
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-2478
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-HPC-15-2021-2478
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
  • MozillaFirefox >= 78.12.0-8.46.1
  • MozillaFirefox-devel >= 78.12.0-8.46.1
  • MozillaFirefox-translations-common >= 78.12.0-8.46.1
  • MozillaFirefox-translations-other >= 78.12.0-8.46.1
Patchnames:
SUSE-SLE-Module-Desktop-Applications-15-SP2-2021-2393
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
  • MozillaFirefox >= 78.12.0-8.46.1
  • MozillaFirefox-devel >= 78.12.0-8.46.1
  • MozillaFirefox-translations-common >= 78.12.0-8.46.1
  • MozillaFirefox-translations-other >= 78.12.0-8.46.1
Patchnames:
SUSE-SLE-Module-Desktop-Applications-15-SP3-2021-2393
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
  • MozillaFirefox-branding-upstream >= 78.12.0-3.147.1
  • MozillaFirefox-buildsymbols >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Module-Development-Tools-OBS-15-SP2-2021-2478
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP3
  • MozillaFirefox-branding-upstream >= 78.12.0-8.46.1
  • MozillaFirefox-buildsymbols >= 78.12.0-8.46.1
  • MozillaFirefox-devel >= 78.12.0-8.46.1
  • MozillaThunderbird-translations-common >= 78.12.0-8.33.1
  • MozillaThunderbird-translations-other >= 78.12.0-8.33.1
Patchnames:
SUSE-SLE-Module-Development-Tools-OBS-15-SP3-2021-2393
SUSE-SLE-Module-Development-Tools-OBS-15-SP3-2021-2458
SUSE Linux Enterprise Server 11 SP4-LTSS
  • MozillaFirefox >= 78.12.0-78.134.1
  • MozillaFirefox-translations-common >= 78.12.0-78.134.1
  • MozillaFirefox-translations-other >= 78.12.0-78.134.1
Patchnames:
slessp4-MozillaFirefox-14766
SUSE Linux Enterprise Server 12 SP2-BCL
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SERVER-12-SP2-BCL-2021-2389
SUSE Linux Enterprise Server 12 SP3-BCL
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SERVER-12-SP3-BCL-2021-2389
SUSE Linux Enterprise Server 12 SP3-ESPOS
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SERVER-12-SP3-ESPOS-2021-2389
SUSE Linux Enterprise Server 12 SP3-LTSS
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SERVER-12-SP3-2021-2389
SUSE Linux Enterprise Server 12 SP4-ESPOS
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SERVER-12-SP4-ESPOS-2021-2389
SUSE Linux Enterprise Server 12 SP4-LTSS
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SERVER-12-SP4-LTSS-2021-2389
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SERVER-12-SP5-2021-2389
SUSE Linux Enterprise Server 15 SP1-BCL
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-SLES-15-SP1-BCL-2021-2478
SUSE Linux Enterprise Server 15 SP1-LTSS
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-2478
SUSE Linux Enterprise Server 15-LTSS
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-SLES-15-2021-2478
SUSE Linux Enterprise Server for SAP Applications 12 SP3
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SAP-12-SP3-2021-2389
SUSE Linux Enterprise Server for SAP Applications 12 SP4
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SAP-12-SP4-2021-2389
SUSE Linux Enterprise Server for SAP Applications 15 SP1
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-SLES_SAP-15-SP1-2021-2478
SUSE Linux Enterprise Server for SAP Applications 15
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-SLES_SAP-15-2021-2478
SUSE Linux Enterprise Software Development Kit 12 SP5
  • MozillaFirefox-devel >= 78.12.0-112.65.1
Patchnames:
SUSE-SLE-SDK-12-SP5-2021-2389
SUSE Linux Enterprise Workstation Extension 15 SP2
  • MozillaThunderbird >= 78.12.0-8.33.1
  • MozillaThunderbird-translations-common >= 78.12.0-8.33.1
  • MozillaThunderbird-translations-other >= 78.12.0-8.33.1
Patchnames:
SUSE-SLE-Product-WE-15-SP2-2021-2458
SUSE Linux Enterprise Workstation Extension 15 SP3
  • MozillaThunderbird >= 78.12.0-8.33.1
  • MozillaThunderbird-translations-common >= 78.12.0-8.33.1
  • MozillaThunderbird-translations-other >= 78.12.0-8.33.1
Patchnames:
SUSE-SLE-Product-WE-15-SP3-2021-2458
SUSE Manager Proxy 4.0
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-2478
SUSE Manager Retail Branch Server 4.0
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-2478
SUSE Manager Server 4.0
  • MozillaFirefox >= 78.12.0-3.147.1
  • MozillaFirefox-devel >= 78.12.0-3.147.1
  • MozillaFirefox-translations-common >= 78.12.0-3.147.1
  • MozillaFirefox-translations-other >= 78.12.0-3.147.1
Patchnames:
SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-2478
SUSE OpenStack Cloud 8
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-OpenStack-Cloud-8-2021-2389
SUSE OpenStack Cloud 9
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-OpenStack-Cloud-9-2021-2389
SUSE OpenStack Cloud Crowbar 8
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-OpenStack-Cloud-Crowbar-8-2021-2389
SUSE OpenStack Cloud Crowbar 9
  • MozillaFirefox >= 78.12.0-112.65.1
  • MozillaFirefox-devel >= 78.12.0-112.65.1
  • MozillaFirefox-translations-common >= 78.12.0-112.65.1
Patchnames:
SUSE-OpenStack-Cloud-Crowbar-9-2021-2389
openSUSE Leap 15.2
  • MozillaFirefox >= 78.12.0-lp152.2.61.1
  • MozillaFirefox-branding-upstream >= 78.12.0-lp152.2.61.1
  • MozillaFirefox-buildsymbols >= 78.12.0-lp152.2.61.1
  • MozillaFirefox-debuginfo >= 78.12.0-lp152.2.61.1
  • MozillaFirefox-debugsource >= 78.12.0-lp152.2.61.1
  • MozillaFirefox-devel >= 78.12.0-lp152.2.61.1
  • MozillaFirefox-translations-common >= 78.12.0-lp152.2.61.1
  • MozillaFirefox-translations-other >= 78.12.0-lp152.2.61.1
  • MozillaThunderbird >= 78.12.0-lp152.2.48.2
  • MozillaThunderbird-debuginfo >= 78.12.0-lp152.2.48.2
  • MozillaThunderbird-debugsource >= 78.12.0-lp152.2.48.2
  • MozillaThunderbird-translations-common >= 78.12.0-lp152.2.48.2
  • MozillaThunderbird-translations-other >= 78.12.0-lp152.2.48.2
Patchnames:
openSUSE-2021-1066
openSUSE-2021-1091
openSUSE Leap 15.3
  • MozillaFirefox >= 78.12.0-8.46.1
  • MozillaFirefox-branding-upstream >= 78.12.0-8.46.1
  • MozillaFirefox-buildsymbols >= 78.12.0-8.46.1
  • MozillaFirefox-devel >= 78.12.0-8.46.1
  • MozillaFirefox-translations-common >= 78.12.0-8.46.1
  • MozillaFirefox-translations-other >= 78.12.0-8.46.1
  • MozillaThunderbird >= 78.12.0-8.33.1
  • MozillaThunderbird-translations-common >= 78.12.0-8.33.1
  • MozillaThunderbird-translations-other >= 78.12.0-8.33.1
Patchnames:
openSUSE-SLE-15.3-2021-2393
openSUSE-SLE-15.3-2021-2458


Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.

Product(s) Source package State
HPE Helion OpenStack 8 MozillaFirefox Released
SUSE CaaS Platform 4.0 MozillaFirefox Released
SUSE Enterprise Storage 6 MozillaFirefox Released
SUSE Linux Enterprise High Performance Computing 12 SP5 MozillaFirefox Released
SUSE Linux Enterprise High Performance Computing 15 LTSS MozillaFirefox Released
SUSE Linux Enterprise High Performance Computing 15 SP1 ESPOS MozillaFirefox Released
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS MozillaFirefox Released
SUSE Linux Enterprise Module for Desktop Applications 15 SP2 MozillaFirefox Released
SUSE Linux Enterprise Module for Desktop Applications 15 SP3 MozillaFirefox Released
SUSE Linux Enterprise Point of Service 11 SP3 MozillaFirefox Ignore
SUSE Linux Enterprise Server 11 SP4 LTSS MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP2 BCL MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP2 LTSS ERICSSON MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP2 LTSS SAP MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP3 BCL MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP3 ESPOS MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP3 LTSS MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP4 ESPOS MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP4 LTSS MozillaFirefox Released
SUSE Linux Enterprise Server 12 SP5 MozillaFirefox Released
SUSE Linux Enterprise Server 15 LTSS MozillaFirefox Released
SUSE Linux Enterprise Server 15 SP1 Business Critical Linux MozillaFirefox Released
SUSE Linux Enterprise Server 15 SP1 LTSS MozillaFirefox Released
SUSE Linux Enterprise Server ESPOS 15 MozillaFirefox Released
SUSE Linux Enterprise Server for SAP Applications 12 SP3 MozillaFirefox Released
SUSE Linux Enterprise Server for SAP Applications 12 SP4 MozillaFirefox Released
SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox Affected
SUSE Linux Enterprise Server for SAP Applications 15 MozillaFirefox Released
SUSE Linux Enterprise Server for SAP Applications 15 SP1 MozillaFirefox Released
SUSE Linux Enterprise Software Development Kit 12 SP5 MozillaFirefox Released
SUSE Linux Enterprise Workstation Extension 15 SP2 MozillaThunderbird In progress
SUSE Manager Proxy 4.0 MozillaFirefox Released
SUSE Manager Retail Branch Server 4.0 MozillaFirefox Released
SUSE Manager Server 4.0 MozillaFirefox Released
SUSE OpenStack Cloud 8 MozillaFirefox Released
SUSE OpenStack Cloud 9 MozillaFirefox Released
SUSE OpenStack Cloud Crowbar 8 MozillaFirefox Released
SUSE OpenStack Cloud Crowbar 9 MozillaFirefox Released