Mozilla and Google each took the unusual step of rolling out a second wave of security updates in less than a week.
Mozilla covered six issues while Google had 32 to secure.
Mozilla’s latest patches again cover Firefox 74 and Firefox ESR ESR 68.6, but unlike the flaws addressed in the earlier update, these vulnerabilities are not being exploited in the wild. The latest batch covers six issues: the high-rated CVE-2020-6826, CVE-2020-6825 and CVE-2020-6821, and the moderate-rated CVE-2020-6822, CVE-2020-6823 and CVE-2020-6824.
CVE-2020-6826, CVE-2020-6825 patch memory safety bugs, found in both Firefox and Firefox ESR, that could be exploited to run arbitrary code. CVE-2020-6821 covers a problem where uninitialized memory could be read when using the WebGL copyTexSubImage method, potentially leading to sensitive data disclosure.
The moderate issues all have different causes and possible negative results.
CVE-2020-6822 is an out-of-bounds write in GMPDecodeData when processing large images, with the potential to allow someone to run arbitrary code.
CVE-2020-6823 covers a malicious extension that could obtain auth codes from OAuth login flows, potentiallyleading to an unauthorized person gaining service provider level access to a user’s account.
CVE-2020-6824 is a flaw that can happen in an instance when a user opens a private browsing window and generates a password for a site, then closes that window but leaves Firefox open. If the user opens a new private browsing window, revisits the same site, and generates a new password, then the generated passwords would be identical, rather than independent.
All the issues are resolved by updating to Firefox 75 and Firefox ESR 68.7.
Meanwhile Google has pushed out Chrome 81.0.4044.92, which includes patches for all 32 vulnerabilities. Three of the high-rated ones were singled out by Google. These are in addition to the eight problems fixed with an earlier release.
CVE-2020-6454 and CVE-2020-6423 cover use-after-free bugs in extensions and in audio, respectively. Meanwhile, CVE-2020-6455 fixes an out-of-bounds read in WebSQL.