发布时间: 2025年3月5日
修改时间: 2025年3月14日
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
| NVD | openEuler | |
|---|---|---|
| CVSS评分 | N/A | 7.8 |
| Attack Vector | Local | |
| Attack Complexity | Low | |
| Privileges Required | Low | |
| User Interaction | None | |
| Scope | Unchanged | |
| Confidentiality | High | |
| Integrity | High | |
| Availability | High |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2025-2445 | firefox security update | 2025年3月14日 |
| 产品 | 包 | 状态 |
|---|---|---|
| KY3.4-5A | firefox | Affected |
| KY3.5.2 | firefox | Fixed |
| V6 | firefox | Fixed |
