vulnerability
Ubuntu: USN-7663-1 (CVE-2024-43097): Thunderbird vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Jan 3, 2025 | Jul 23, 2025 | Aug 18, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Jan 3, 2025
Added
Jul 23, 2025
Modified
Aug 18, 2025
Description
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Solution
ubuntu-upgrade-thunderbird
References
- CVE-2024-43097
- https://attackerkb.com/topics/CVE-2024-43097
- CWE-787
- UBUNTU-USN-7663-1
- URL-https://ubuntu.com/security/notices/USN-7663-1
- URL-https://www.cve.org/CVERecord?id=CVE-2024-43097
- URL-https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/#CVE-2024-43097
- URL-https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/#CVE-2024-43097
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.