CVE-2025-0247: Memory safety bugs fixed in Firefox 134 and Thunderbird 134
Published Jan 7, 2025
·Updated
Last updated 9 January 2025
Other sources
Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
— Mozilla
Affected Software
5 affected componentsFixes available
debian/firefox
134.0-1
Mozilla Thunderbird<134
134
Mozilla Firefox<134
134
Mozilla Firefox<134.0
Mozilla Thunderbird<134.0
Event History
Jan 7, 2025
CVE Published
via Mozilla·12:00 AM
CVE Published
via MITRE·04:07 PM
Data Sourced
via MITRE·04:07 PM
Description
Data Sourced
via NVD·04:15 PM
Description
Data Sourced
via NVD·04:15 PM
SeverityWeaknessAffected Software
Jan 8, 2025
News Published
via ZDNet·04:06 PM
Jan 12, 2025
News Published
via ZDNet·05:04 PM
Jan 13, 2025
Data Sourced
via Ubuntu·05:36 AM
RemedyDescriptionSeverityAffected Software
Peer vulnerabilities
Found alongside the following vulnerabilities.
Frequently Asked Questions
1
What is the severity of CVE-2025-0247?
CVE-2025-0247 is classified as a high-severity vulnerability due to the potential for memory corruption and arbitrary code execution.
2
How do I fix CVE-2025-0247?
To mitigate CVE-2025-0247, update Firefox and Thunderbird to version 134 or higher.
3
Which versions of Firefox are affected by CVE-2025-0247?
CVE-2025-0247 affects Firefox versions prior to 134.
4
Which versions of Thunderbird are affected by CVE-2025-0247?
CVE-2025-0247 affects Thunderbird versions prior to 134.
5
What types of products are impacted by CVE-2025-0247?
CVE-2025-0247 impacts both Firefox and Thunderbird applications.