Arch Linux alert ASA-201803-13 (firefox)

From:
    	     
 
Jelle van der Waa <jelle@archlinux.org> 
To:
    	     
 
arch-security@archlinux.org 
Subject:
    	     
 
[ASA-201803-13] firefox: arbitrary code execution 
Date:
    	     
 
Mon, 19 Mar 2018 13:55:39 +0100
Message-ID:
    	     
 
<20180319125539.syjs7nbtakuaxtpj@mail.archlinux.org>
Arch Linux Security Advisory ASA-201803-13
==========================================

Severity: Critical
Date    : 2018-03-18
CVE-ID  : CVE-2018-5146
Package : firefox
Type    : arbitrary code execution
Remote  : Yes
Link    : https://security.archlinux.org/AVG-657

Summary
=======

The package firefox before version 59.0.1-1 is vulnerable to arbitrary
code execution.

Resolution
==========

Upgrade to 59.0.1-1.

# pacman -Syu "firefox>=59.0.1-1"

The problem has been fixed upstream in version 59.0.1.

Workaround
==========

None.

Description
===========

An out of bounds memory write vulnerability has been discovered in
libvorbis before 1.3.6 while processing Vorbis audio data related to
codebooks that are not an exact divisor of the partition size.

Impact
======

A remote attacker is able to execute arbitrary code by tricking the
user into visiting a website with a vorbis audio file.

References
==========

https://www.mozilla.org/en-US/security/advisories/mfsa201...
https://bugzilla.mozilla.org/show_bug.cgi?id=1446062
https://github.com/xiph/vorbis/commit/667ceb4aab60c1f7406...
http://seclists.org/oss-sec/2018/q1/243
https://security.archlinux.org/CVE-2018-5146