{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2020-020.pdf"
    },
    "title": "Critical Vulnerabilities in Firefox",
    "serial_number": "2020-020",
    "publish_date": "06-04-2020 15:26:00",
    "description": "On the 3rd of April 2020, Mozilla released an advisory concerning two critical vulnerabilities affecting the Firefox browser. According to Mozilla, both vulnerabilities are related to \"use-after-free\" bugs and have been exploited in the wild in targeted attacks.<br>It is strongly recommended to update Firefox and Firefox ESR to the latest version available.",
    "url_title": "2020-020",
    "content_markdown": "---\ntitle: 'Critical Vulnerabilities in Firefox'\nversion: '1.0'\nnumber: '2020-020'\ndate: 'April 6, 2020'\n---\n\n_History:_\n\n* _06/04/2020 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn the 3rd of April 2020, Mozilla released an advisory concerning two critical vulnerabilities affecting the Firefox browser [1]. According to Mozilla, both vulnerabilities are related to `use-after-free` bugs and have been exploited in the wild in targeted attacks.\nIt is strongly recommended to update **Firefox** and **Firefox ESR** to the latest version available.\n\n# Technical Details\n\nThe vulnerability CVE-2020-6819 with **critical severity** is a `use-after-free` flaw, caused by a race condition while running the `nsDocShell destructor`.\n\nThe vulnerability CVE-2020-6820 with **critical severity** is a `use-after-free` flaw, caused by a race condition when handling a `ReadableStream`.\n\nIt is unclear how these vulnerabilities can be exploited, only that attacks exploiting them are happening right now [2]. `ReadableStream` is used to read data streams; `nsDocShell`'s issue seems to have been caused by data not being released properly.\n\n# Products Affected\n\nList of all affected products:\n\n* Firefox before 74.0.1\n* Firefox ESR before 68.6.1\n\n# Recommendations\n\nUpdate Firefox products to the latest versions:\n\n* Firefox 74.0.1\n* Firefox ESR 68.6.1\n\n# References\n\n[1] <https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/>\n\n[2] <https://www.ghacks.net/2020/04/04/firefox-74-0-1-stable-out-with-important-security-fixes/>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>06/04/2020 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On the 3rd of April 2020, Mozilla released an advisory concerning two critical vulnerabilities affecting the Firefox browser [1]. According to Mozilla, both vulnerabilities are related to <code>use-after-free</code> bugs and have been exploited in the wild in targeted attacks. It is strongly recommended to update <strong>Firefox</strong> and <strong>Firefox ESR</strong> to the latest version available.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability CVE-2020-6819 with <strong>critical severity</strong> is a <code>use-after-free</code> flaw, caused by a race condition while running the <code>nsDocShell destructor</code>.</p><p>The vulnerability CVE-2020-6820 with <strong>critical severity</strong> is a <code>use-after-free</code> flaw, caused by a race condition when handling a <code>ReadableStream</code>.</p><p>It is unclear how these vulnerabilities can be exploited, only that attacks exploiting them are happening right now [2]. <code>ReadableStream</code> is used to read data streams; <code>nsDocShell</code>'s issue seems to have been caused by data not being released properly.</p><h2 id=\"products-affected\">Products Affected</h2><p>List of all affected products:</p><ul><li>Firefox before 74.0.1</li><li>Firefox ESR before 68.6.1</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>Update Firefox products to the latest versions:</p><ul><li>Firefox 74.0.1</li><li>Firefox ESR 68.6.1</li></ul><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/\">https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.ghacks.net/2020/04/04/firefox-74-0-1-stable-out-with-important-security-fixes/\">https://www.ghacks.net/2020/04/04/firefox-74-0-1-stable-out-with-important-security-fixes/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}