CVE-2018-5146 Ubuntu Security Notification for Firefox Vulnerability (USN-3599-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

An out-of-bounds write was discovered when processing Vorbis audio data.

漏洞危害

If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service, or execute arbitrary code. (CVE-2018-5146)

解决方案

Refer to Ubuntu advisory USN-3599-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3599-1: 14.04 (Kylin) on src (firefox)

USN-3599-1: 17.10 (artful) on src (firefox)

USN-3599-1: 16.04 (Xenial) on src (firefox)

Leave a Reply