[Apollo] Advisories Statistics light light Login

RLSA-2025:21281

Security Mirrored from RHSA-2025:21281
Issued at: 2025-11-21
Updated at: 2025-11-23

Synopsis

Important: firefox security update



Description

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

* firefox: Mitigation bypass in the DOM: Security component (CVE-2025-13018)

* firefox: Use-after-free in the Audio/Video component (CVE-2025-13014)

* firefox: Incorrect boundary conditions in the JavaScript: WebAssembly component (CVE-2025-13016)

* firefox: Same-origin policy bypass in the DOM: Workers component (CVE-2025-13019)

* firefox: Use-after-free in the WebRTC: Audio/Video component (CVE-2025-13020)

* firefox: Race condition in the Graphics component (CVE-2025-13012)

* firefox: Spoofing issue in Firefox (CVE-2025-13015)

* firefox: Mitigation bypass in the DOM: Core & HTML component (CVE-2025-13013)

* firefox: Same-origin policy bypass in the DOM: Notifications component (CVE-2025-13017)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 10 aarch64 Rocky Linux 10 ppc64le Rocky Linux 10 s390x Rocky Linux 10 x86_64

Fixes

2414079 2414080 2414083 2414084 2414085 2414086 2414090 2414091 2414092

CVEs

CVE-2025-13012 CVE-2025-13013 CVE-2025-13014 CVE-2025-13015 CVE-2025-13016 CVE-2025-13017 CVE-2025-13018 CVE-2025-13019 CVE-2025-13020

Affected packages

Rocky Linux 10 aarch64 - AppStream

firefox-0:140.5.0-2.el10_1.aarch64.rpm firefox-0:140.5.0-2.el10_1.src.rpm firefox-debuginfo-0:140.5.0-2.el10_1.aarch64.rpm firefox-debugsource-0:140.5.0-2.el10_1.aarch64.rpm

Rocky Linux 10 ppc64le - AppStream

firefox-0:140.5.0-2.el10_1.ppc64le.rpm firefox-0:140.5.0-2.el10_1.src.rpm firefox-debuginfo-0:140.5.0-2.el10_1.ppc64le.rpm firefox-debugsource-0:140.5.0-2.el10_1.ppc64le.rpm

Rocky Linux 10 s390x - AppStream

firefox-0:140.5.0-2.el10_1.s390x.rpm firefox-0:140.5.0-2.el10_1.src.rpm firefox-debuginfo-0:140.5.0-2.el10_1.s390x.rpm firefox-debugsource-0:140.5.0-2.el10_1.s390x.rpm

Rocky Linux 10 x86_64 - AppStream

firefox-0:140.5.0-2.el10_1.src.rpm firefox-0:140.5.0-2.el10_1.x86_64.rpm firefox-debuginfo-0:140.5.0-2.el10_1.x86_64.rpm firefox-debugsource-0:140.5.0-2.el10_1.x86_64.rpm