CVE-2022-45412
Summary
| CVE | CVE-2022-45412 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-12-22 20:15:00 UTC |
|---|
| Updated | 2023-01-05 13:59:00 UTC |
|---|
| Description | When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer. <br>*This bug only affects Thunderbird on Unix-based operated systems (Android, Linux, MacOS). Windows is unaffected.*. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. |
|---|
NVD Known Affected Configurations (CPE 2.3)
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160260 Oracle Enterprise Linux Security Update for firefox (ELSA-2022-8552)
- 160261 Oracle Enterprise Linux Security Update for thunderbird (ELSA-2022-8555)
- 160319 Oracle Enterprise Linux Security Update for thunderbird (ELSA-2022-8547)
- 160321 Oracle Enterprise Linux Security Update for firefox (ELSA-2022-8554)
- 160325 Oracle Enterprise Linux Security Update for thunderbird (ELSA-2022-8561)
- 160326 Oracle Enterprise Linux Security Update for firefox (ELSA-2022-8580)
- 181222 Debian Security Update for firefox-esr (DSA 5282-1)
- 181226 Debian Security Update for thunderbird (DLA 3196-1)
- 181234 Debian Security Update for firefox-esr (DLA 3199-1)
- 181235 Debian Security Update for thunderbird (DSA 5284-1)
- 184545 Debian Security Update for firefox-esrthunderbird (CVE-2022-45412)
- 199028 Ubuntu Security Notification for Firefox Vulnerabilities (USN-5726-1)
- 199147 Ubuntu Security Notification for Thunderbird Vulnerabilities (USN-5824-1)
- 240928 Red Hat Update for firefox (RHSA-2022:8554)
- 240929 Red Hat Update for thunderbird (RHSA-2022:8544)
- 240930 Red Hat Update for firefox (RHSA-2022:8552)
- 240931 Red Hat Update for firefox (RHSA-2022:8548)
- 240932 Red Hat Update for thunderbird (RHSA-2022:8545)
- 240933 Red Hat Update for firefox (RHSA-2022:8549)
- 240934 Red Hat Update for thunderbird (RHSA-2022:8555)
- 240935 Red Hat Update for thunderbird (RHSA-2022:8547)
- 240936 Red Hat Update for thunderbird (RHSA-2022:8561)
- 240938 Red Hat Update for firefox (RHSA-2022:8580)
- 241004 Red Hat Update for thunderbird (RHSA-2022:8980)
- 241013 Red Hat Update for firefox (RHSA-2022:8979)
- 257202 CentOS Security Update for firefox (CESA-2022:8552)
- 257207 CentOS Security Update for thunderbird (CESA-2022:8555)
- 296098 Oracle Solaris 11.4 Support Repository Update (SRU) 52.132.2 Missing (CPUOCT2022)
- 356268 Amazon Linux Security Advisory for firefox : ALASFIREFOX-2023-009
- 377768 Mozilla Firefox Multiple Vulnerabilities (MFSA2022-47)
- 377769 Mozilla Thunderbird Multiple Vulnerabilities (MFSA2022-49)
- 377770 Mozilla Firefox ESR Multiple Vulnerabilities (MFSA2022-48)
- 503452 Alpine Linux Security Update for firefox-esr
- 506060 Alpine Linux Security Update for firefox-esr
- 710686 Gentoo Linux Mozilla Firefox Multiple Vulnerabilities (GLSA 202211-06)
- 710687 Gentoo Linux Mozilla Thunderbird Multiple Vulnerabilities (GLSA 202211-05)
- 752829 SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2022:4058-1)
- 752832 SUSE Enterprise Linux Security Update for MozillaThunderbird (SUSE-SU-2022:4085-1)
- 752879 SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2022:4247-1)
- 752924 SUSE Enterprise Linux Security Update for MozillaFirefox (SUSE-SU-2022:4083-1)
- 940845 AlmaLinux Security Update for thunderbird (ALSA-2022:8547)
- 940846 AlmaLinux Security Update for firefox (ALSA-2022:8554)
- 940847 AlmaLinux Security Update for thunderbird (ALSA-2022:8561)
- 940848 AlmaLinux Security Update for firefox (ALSA-2022:8580)
- 960181 Rocky Linux Security Update for thunderbird (RLSA-2022:8547)
- 960507 Rocky Linux Security Update for firefox (RLSA-2022:8554)
