CVE-2020-12387 - OpenCVE

A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Mozilla	Firefox Esr Firefox Thunderbird

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1545345	Issue Tracking Permissions Required
https://security.gentoo.org/glsa/202005-03	Third Party Advisory
https://security.gentoo.org/glsa/202005-04	Third Party Advisory
https://usn.ubuntu.com/4373-1/	Broken Link
https://www.mozilla.org/security/advisories/mfsa2020-16/	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2020-17/	Third Party Advisory
https://www.mozilla.org/security/advisories/mfsa2020-18/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mozilla

Published: 2020-05-26T17:04:56

Updated: 2020-06-12T21:40:58

Reserved: 2020-04-28T00:00:00

Link: CVE-2020-12387

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-05-26T18:15:10.980

Modified: 2021-12-14T20:23:28.627

Link: CVE-2020-12387

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "68.8", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "76", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "68.8.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0."}], "problemTypes": [{"descriptions": [{"description": "Use-after-free during worker shutdown", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-12T21:40:58", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-18/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-16/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-17/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1545345"}, {"name": "USN-4373-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4373-1/"}, {"tags": ["x_refsource_MISC"], "url": "https://security.gentoo.org/glsa/202005-03"}, {"tags": ["x_refsource_MISC"], "url": "https://security.gentoo.org/glsa/202005-04"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2020-12387", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Firefox ESR", "version": {"version_data": [{"version_affected": "<", "version_value": "68.8"}]}}, {"product_name": "Firefox", "version": {"version_data": [{"version_affected": "<", "version_value": "76"}]}}, {"product_name": "Thunderbird", "version": {"version_data": [{"version_affected": "<", "version_value": "68.8.0"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Use-after-free during worker shutdown"}]}]}, "references": {"reference_data": [{"name": "https://www.mozilla.org/security/advisories/mfsa2020-18/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-18/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2020-16/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-16/"}, {"name": "https://www.mozilla.org/security/advisories/mfsa2020-17/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2020-17/"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1545345", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1545345"}, {"name": "USN-4373-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4373-1/"}, {"name": "https://security.gentoo.org/glsa/202005-03", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/202005-03"}, {"name": "https://security.gentoo.org/glsa/202005-04", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/202005-04"}]}}}}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2020-12387", "datePublished": "2020-05-26T17:04:56", "dateReserved": "2020-04-28T00:00:00", "dateUpdated": "2020-06-12T21:40:58", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D1E5067-8D55-4C70-B5D2-31BAB1D22F50", "versionEndExcluding": "76.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "B606E5B1-C0CA-4673-9FBA-59E0C869F2C4", "versionEndExcluding": "68.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "E93B3D35-5D8E-4583-922F-D391CB7B992D", "versionEndExcluding": "68.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0."}, {"lang": "es", "value": "Una condici\u00f3n de carrera cuando se ejecuta el c\u00f3digo shutdown para Web Worker conllevo a una vulnerabilidad de uso de la memoria previamente liberada. Esto result\u00f3 en un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 68.8, Firefox versiones anteriores a 76 y Thunderbird versiones anteriores a 68.8.0."}], "id": "CVE-2020-12387", "lastModified": "2021-12-14T20:23:28.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-26T18:15:10.980", "references": [{"source": "security@mozilla.org", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1545345"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202005-03"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202005-04"}, {"source": "security@mozilla.org", "tags": ["Broken Link"], "url": "https://usn.ubuntu.com/4373-1/"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-16/"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-17/"}, {"source": "security@mozilla.org", "tags": ["Third Party Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2020-18/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}, {"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}