CVE-2022-28288 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-28288 Interim 1 16 2025-04-07T23:40:51Z current 2022-04-11T11:44:33Z 2025-04-07T23:40:51Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-28288 Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/ E-Mail link for openSUSE-SU-2024:14572-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP4 openSUSE Tumbleweed MozillaFirefox MozillaFirefox-99.0-1.1 MozillaFirefox-branding-upstream-99.0-1.1 MozillaFirefox-devel-99.0-1.1 MozillaFirefox-translations-common-99.0-1.1 MozillaFirefox-translations-other-99.0-1.1 firefox-esr-128.5.1-1.1 firefox-esr-branding-upstream-128.5.1-1.1 firefox-esr-translations-common-128.5.1-1.1 firefox-esr-translations-other-128.5.1-1.1 libfreebl3 libfreebl3-32bit libfreebl3-hmac libfreebl3-hmac-32bit libsoftokn3 libsoftokn3-32bit libsoftokn3-hmac libsoftokn3-hmac-32bit mozilla-nss mozilla-nss-32bit mozilla-nss-certs mozilla-nss-certs-32bit mozilla-nss-devel mozilla-nss-sysinit mozilla-nss-tools MozillaFirefox-99.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-99.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-devel-99.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-99.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-99.0-1.1 as a component of openSUSE Tumbleweed firefox-esr-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-branding-upstream-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-common-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-other-128.5.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 libfreebl3 as a component of SUSE Linux Enterprise Micro 5.3 libfreebl3-hmac as a component of SUSE Linux Enterprise Micro 5.3 libsoftokn3 as a component of SUSE Linux Enterprise Micro 5.3 libsoftokn3-hmac as a component of SUSE Linux Enterprise Micro 5.3 mozilla-nss as a component of SUSE Linux Enterprise Micro 5.3 mozilla-nss-certs as a component of SUSE Linux Enterprise Micro 5.3 mozilla-nss-tools as a component of SUSE Linux Enterprise Micro 5.3 libfreebl3 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libfreebl3-32bit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libfreebl3-hmac as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libfreebl3-hmac-32bit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libsoftokn3 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libsoftokn3-32bit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libsoftokn3-hmac as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libsoftokn3-hmac-32bit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 mozilla-nss as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 mozilla-nss-32bit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 mozilla-nss-certs as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 mozilla-nss-certs-32bit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 mozilla-nss-devel as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 mozilla-nss-sysinit as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 mozilla-nss-tools as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 MozillaFirefox as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata MozillaFirefox as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 mozilla-nss as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 99. CVE-2022-28288 openSUSE Tumbleweed:MozillaFirefox-99.0-1.1 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-99.0-1.1 openSUSE Tumbleweed:MozillaFirefox-devel-99.0-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-common-99.0-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-other-99.0-1.1 openSUSE Tumbleweed:firefox-esr-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1 SUSE Linux Enterprise Micro 5.3:libfreebl3 SUSE Linux Enterprise Micro 5.3:libfreebl3-hmac SUSE Linux Enterprise Micro 5.3:libsoftokn3 SUSE Linux Enterprise Micro 5.3:libsoftokn3-hmac SUSE Linux Enterprise Micro 5.3:mozilla-nss SUSE Linux Enterprise Micro 5.3:mozilla-nss-certs SUSE Linux Enterprise Micro 5.3:mozilla-nss-tools SUSE Linux Enterprise Module for Basesystem 15 SP4:libfreebl3 SUSE Linux Enterprise Module for Basesystem 15 SP4:libfreebl3-32bit SUSE Linux Enterprise Module for Basesystem 15 SP4:libfreebl3-hmac SUSE Linux Enterprise Module for Basesystem 15 SP4:libfreebl3-hmac-32bit SUSE Linux Enterprise Module for Basesystem 15 SP4:libsoftokn3 SUSE Linux Enterprise Module for Basesystem 15 SP4:libsoftokn3-32bit SUSE Linux Enterprise Module for Basesystem 15 SP4:libsoftokn3-hmac SUSE Linux Enterprise Module for Basesystem 15 SP4:libsoftokn3-hmac-32bit SUSE Linux Enterprise Module for Basesystem 15 SP4:mozilla-nss SUSE Linux Enterprise Module for Basesystem 15 SP4:mozilla-nss-32bit SUSE Linux Enterprise Module for Basesystem 15 SP4:mozilla-nss-certs SUSE Linux Enterprise Module for Basesystem 15 SP4:mozilla-nss-certs-32bit SUSE Linux Enterprise Module for Basesystem 15 SP4:mozilla-nss-devel SUSE Linux Enterprise Module for Basesystem 15 SP4:mozilla-nss-sysinit SUSE Linux Enterprise Module for Basesystem 15 SP4:mozilla-nss-tools SUSE Linux Enterprise Server 11 SP3 for Teradata:MozillaFirefox important 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H