CVE-2023-5175 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-5175 Interim 1 10 2025-05-01T00:22:07Z current 2023-09-29T23:21:03Z 2025-05-01T00:22:07Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-5175 During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/ E-Mail link for openSUSE-SU-2024:14572-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Real Time 15 SP3 SUSE Linux Enterprise Server 11 SP4 LTSS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 openSUSE Tumbleweed MozillaFirefox MozillaFirefox-118.0.1-1.1 MozillaFirefox-branding-upstream-118.0.1-1.1 MozillaFirefox-devel MozillaFirefox-devel-118.0.1-1.1 MozillaFirefox-translations-common MozillaFirefox-translations-common-118.0.1-1.1 MozillaFirefox-translations-other MozillaFirefox-translations-other-118.0.1-1.1 firefox-esr-128.5.1-1.1 firefox-esr-branding-upstream-128.5.1-1.1 firefox-esr-translations-common-128.5.1-1.1 firefox-esr-translations-other-128.5.1-1.1 MozillaFirefox-118.0.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-118.0.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-devel-118.0.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-118.0.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-118.0.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-branding-upstream-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-common-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-other-128.5.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE Linux Enterprise Real Time 15 SP3 MozillaFirefox-devel as a component of SUSE Linux Enterprise Real Time 15 SP3 MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Real Time 15 SP3 MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Real Time 15 SP3 MozillaFirefox as a component of SUSE Linux Enterprise Server 11 SP4 LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 15-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 15-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 15-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server 15-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 MozillaFirefox-devel as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 MozillaFirefox as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 MozillaFirefox-devel as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 MozillaFirefox as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 MozillaFirefox as a component of SUSE OpenStack Cloud 9 MozillaFirefox-devel as a component of SUSE OpenStack Cloud 9 MozillaFirefox-translations-common as a component of SUSE OpenStack Cloud 9 MozillaFirefox as a component of SUSE OpenStack Cloud Crowbar 9 MozillaFirefox-devel as a component of SUSE OpenStack Cloud Crowbar 9 MozillaFirefox-translations-common as a component of SUSE OpenStack Cloud Crowbar 9 During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118. CVE-2023-5175 openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1 openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1 openSUSE Tumbleweed:firefox-esr-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1 SUSE Linux Enterprise Server 11 SP4 LTSS:MozillaFirefox critical 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H