19.Laptop Bed

A critical zero-day vulnerability that has been exploited in the wild was discovered in Firefox and Thunderbird. This severe bug, CVE-2023-4863, is a heap buffer overflow flaw in the WebP image format.

This flaw could allow a remote attacker to execute arbitrary code when processing a specially crafted image.  

Mozilla has released essential updates for Firefox and Thunderbird that mitigate this critical issue. We strongly recommend that all impacted users apply the Firefox and Thunderbird updates released by their distro(s) immediately to protect against exploits leading to crashes and system compromise.

To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.

Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).