Description
Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Firefox ESR 115.19, Thunderbird 134, and Thunderbird 128.6.
Published: 2025-01-07
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Patch
AI Analysis

Impact

The vulnerability is a use-after-free (CWE-416) in the code that breaks text into lines. Mozilla describes the trigger as a controlled failed memory allocation: if an attacker can make an allocation fail at the right point, the error path releases an object that is still referenced, and a later access through that stale reference is the use-after-free. Mozilla rates the outcome a potentially exploitable crash, and this page lists the impact as denial of service; the CVSS vector recorded here assigns only a limited confidentiality impact, and nothing on the page supports privilege elevation or code execution.
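The failure-path pattern behind this bug class, as an added illustration that is not Mozilla's code and does not reproduce Firefox's line breaker: a hypothetical array of break offsets that is grown while text is being broken into lines, with a fault-injecting allocator standing in for the "controlled failed memory allocation". The vulnerable grow routine releases the existing buffer on its error path but leaves the pointer in the struct, so the caller's read-back of the partial result touches freed memory; the hardened variant leaves the buffer owned and valid on failure. A small freed-pointer quarantine reports the dangling access instead of dereferencing it, so the example runs safely without a sanitizer. All names here (LineBreaker, grow_vulnerable, grow_hardened, fi_malloc, break_lines, scenario) and the sample sentence are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical line-breaker state (illustration only, not Gecko code):
 * a growable array of text offsets at which a line may be broken. */
typedef struct {
    int *breaks;
    size_t count;
    size_t capacity;
} LineBreaker;

/* Fault-injecting allocator: fails allocation number g_fail_after (0-based)
 * to model a "controlled failed memory allocation". Freed pointers are kept
 * in a quarantine so a dangling access can be reported instead of executed. */
static int g_fail_after = -1;
static int g_alloc_count = 0;
static void *g_freed[64];
static size_t g_freed_n = 0;

static void *fi_malloc(size_t n) {
    if (g_alloc_count++ == g_fail_after) return NULL;
    void *p = malloc(n);
    for (size_t i = 0; i < g_freed_n; i++)      /* address reused: no longer dangling */
        if (g_freed[i] == p) g_freed[i] = g_freed[--g_freed_n];
    return p;
}
static void fi_free(void *p) {
    if (p && g_freed_n < 64) g_freed[g_freed_n++] = p;
    free(p);
}
static int fi_is_freed(const void *p) {
    for (size_t i = 0; i < g_freed_n; i++) if (g_freed[i] == p) return 1;
    return 0;
}
static void fi_reset(int fail_after) { g_fail_after = fail_after; g_alloc_count = 0; g_freed_n = 0; }

typedef int (*grow_fn)(LineBreaker *);

/* Vulnerable: the error path releases the old buffer but leaves lb->breaks
 * pointing at it, so any later use of lb->breaks is a use-after-free. */
static int grow_vulnerable(LineBreaker *lb) {
    size_t ncap = lb->capacity ? lb->capacity * 2 : 4;
    int *nb = fi_malloc(ncap * sizeof *nb);
    if (!nb) {
        fi_free(lb->breaks);   /* "cleanup" that forgets to clear the pointer */
        return -1;
    }
    if (lb->breaks) { memcpy(nb, lb->breaks, lb->count * sizeof *nb); fi_free(lb->breaks); }
    lb->breaks = nb;
    lb->capacity = ncap;
    return 0;
}

/* Hardened: on failure the existing buffer stays owned by lb and untouched;
 * the caller gets an error, but every pointer it holds is still valid. */
static int grow_hardened(LineBreaker *lb) {
    size_t ncap = lb->capacity ? lb->capacity * 2 : 4;
    int *nb = fi_malloc(ncap * sizeof *nb);
    if (!nb) return -1;
    if (lb->breaks) { memcpy(nb, lb->breaks, lb->count * sizeof *nb); fi_free(lb->breaks); }
    lb->breaks = nb;
    lb->capacity = ncap;
    return 0;
}

/* Records a break at every space, then reads the breaks back to compute the
 * longest resulting line. On OOM it returns -1 but still reports the partial
 * result, which is exactly where a dangling lb.breaks gets used. Returns -2
 * when the quarantine shows the read-back would have touched freed memory. */
static int break_lines(const char *text, grow_fn grow, int *longest) {
    LineBreaker lb = {0};
    int rc = 0;
    for (const char *p = text; *p; p++) {
        if (*p != ' ') continue;
        if (lb.count == lb.capacity && grow(&lb) != 0) { rc = -1; break; }
        lb.breaks[lb.count++] = (int)(p - text);
    }
    if (fi_is_freed(lb.breaks)) return -2;   /* a real build would read freed memory here */
    int prev = -1, best = 0;
    for (size_t i = 0; i < lb.count; i++) {
        int len = lb.breaks[i] - prev - 1;
        if (len > best) best = len;
        prev = lb.breaks[i];
    }
    int tail = (int)strlen(text) - prev - 1;  /* unbroken remainder is the last line */
    if (tail > best) best = tail;
    *longest = best;
    fi_free(lb.breaks);
    return rc;
}

/* Runs one scenario on a constructed sentence; fail_after = -1 means never fail. */
static int scenario(int fail_after, grow_fn grow, int *longest) {
    fi_reset(fail_after);
    *longest = 0;
    return break_lines("the quick brown fox jumps over the lazy dog", grow, longest);
}

int main(void) {
    int n, rc;
    rc = scenario(-1, grow_hardened, &n);
    printf("no failure, hardened:       rc=%d longest=%d\n", rc, n);
    rc = scenario(1, grow_vulnerable, &n);
    printf("2nd alloc fails, vulnerable: rc=%d (-2 = dangling read detected)\n", rc);
    rc = scenario(1, grow_hardened, &n);
    printf("2nd alloc fails, hardened:   rc=%d longest=%d (partial result, no UAF)\n", rc, n);
    return 0;
}
```

The second allocation is the one that grows the array from 4 to 8 entries, so with the sample sentence it fails on the fifth space. The vulnerable path frees the four recorded offsets and then reads them back, which the quarantine flags; the hardened path returns the same OOM error but the partial result (four breaks plus the unbroken remainder) is still read from live memory. Under ASan the vulnerable case would instead abort with a heap-use-after-free report.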

Affected Systems

Mozilla Firefox and Thunderbird are affected. Firefox releases before 134, Firefox ESR releases before 128.6 and before 115.19, Thunderbird releases before 134, and Thunderbird 128.x releases before 128.6 are susceptible. Distributions that bundle these earlier releases, including the Red Hat Enterprise Linux streams listed in the CPEs below and the Debian and Ubuntu releases covered by the advisories below, remain at risk until they ship a patched build.

Risk and Exploitability

The CVSS 3.1 vector recorded here (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, score 5.3) rates the vulnerability as network-reachable with no privileges or user interaction required, but with only a limited confidentiality impact. The EPSS score below 1% indicates a very low probability of exploitation in the wild, the vulnerability is not listed in the CISA KEV catalog, and the SSVC assessment records Exploitation: none and Automatable: no. The practical hurdle is that the attacker must control when a memory allocation fails inside the browser or mail client, which makes reliable exploitation considerably harder than the attack vector alone suggests.

Generated by OpenCVE AI on April 20, 2026 at 18:33 UTC.

Remediation

The vendor fix is the upgrade to Firefox 134, Firefox ESR 128.6, Firefox ESR 115.19, Thunderbird 134, or Thunderbird 128.6; the Debian and Ubuntu advisories listed below carry the corresponding distribution packages. No workaround short of upgrading is documented.

OpenCVE Recommended Actions

  • Upgrade to Firefox 134, Firefox ESR 128.6, Firefox ESR 115.19, Thunderbird 134, or Thunderbird 128.6
  • If upgrading is not immediately possible, limit the exposure of the affected Mozilla applications to untrusted content until the patched build can be deployed
  • Apply any security updates provided by the operating system vendor that include the fixed Mozilla packages


Advisories
Source       ID              Title
Debian DLA   DLA-4011-1      firefox-esr security update
Debian DLA   DLA-4012-1      thunderbird security update
Debian DSA   DSA-5839-1      firefox-esr security update
Debian DSA   DSA-5841-1      thunderbird security update
EUVD         EUVD-2025-1570  Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.
Ubuntu USN   USN-7191-1      Firefox vulnerabilities
Ubuntu USN   USN-7663-1      Thunderbird vulnerabilities
History

Mon, 13 Apr 2026 15:00:00 +0000

Description
  Removed: Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.
  Added:   Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 134, Firefox ESR 128.6, Firefox ESR 115.19, Thunderbird 134, and Thunderbird 128.6.
Title
  Removed: firefox: thunderbird: Use-after-free when breaking lines in text
  Added:   Use-after-free when breaking lines in text

Mon, 03 Nov 2025 23:30:00 +0000

References

Thu, 03 Apr 2025 16:45:00 +0000

First Time appeared
  Added:   Mozilla, Mozilla firefox, Mozilla thunderbird
CPEs
  Added:   cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
           cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
           cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Vendors & Products
  Added:   Mozilla, Mozilla firefox, Mozilla thunderbird

Thu, 13 Feb 2025 01:00:00 +0000

Title
  Removed: firefox: Use-after-free when breaking lines in text
  Added:   firefox: thunderbird: Use-after-free when breaking lines in text
CPEs
  Added:   cpe:/a:redhat:rhel_aus:8.2
           cpe:/a:redhat:rhel_aus:8.6
           cpe:/a:redhat:rhel_e4s:8.6
           cpe:/a:redhat:rhel_e4s:9.0
           cpe:/a:redhat:rhel_eus:8.8
           cpe:/a:redhat:rhel_eus:9.4
           cpe:/a:redhat:rhel_tus:8.6

Mon, 13 Jan 2025 22:15:00 +0000

Description
  Removed: Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird ESR < 128.6.
  Added:   Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.

Thu, 09 Jan 2025 14:00:00 +0000

Title
  Added:   firefox: Use-after-free when breaking lines in text
First Time appeared
  Added:   Redhat, Redhat enterprise Linux, Redhat rhel Aus, Redhat rhel E4s, Redhat rhel Els, Redhat rhel Eus, Redhat rhel Tus
CPEs
  Added:   cpe:/a:redhat:enterprise_linux:8
           cpe:/a:redhat:enterprise_linux:9
           cpe:/a:redhat:rhel_aus:8.4
           cpe:/a:redhat:rhel_e4s:8.4
           cpe:/a:redhat:rhel_eus:9.2
           cpe:/a:redhat:rhel_tus:8.4
           cpe:/o:redhat:rhel_els:7
Vendors & Products
  Added:   Redhat, Redhat enterprise Linux, Redhat rhel Aus, Redhat rhel E4s, Redhat rhel Els, Redhat rhel Eus, Redhat rhel Tus
References
Metrics
  threat_severity
    Removed: None
    Added:   Moderate


Thu, 09 Jan 2025 08:45:00 +0000

Description
  Removed: Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, and Firefox ESR < 115.19.
  Added:   Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird ESR < 128.6.
References

Wed, 08 Jan 2025 17:15:00 +0000

Weaknesses
  Added:   CWE-416
Metrics
  cvssV3_1
    Added:   {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}
  ssvc
    Added:   {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 07 Jan 2025 16:15:00 +0000

Description
  Added:   Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, and Firefox ESR < 115.19.
References

MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:28:53.814Z

Reserved: 2025-01-06T14:49:02.331Z

Link: CVE-2025-0238

Vulnrichment

Updated: 2025-11-03T22:33:37.588Z

NVD

Status : Modified

Published: 2025-01-07T16:15:38.470

Modified: 2026-04-13T15:16:32.350

Link: CVE-2025-0238

Redhat

Severity : Moderate

Public Date: 2025-01-07T16:07:06Z

Links: CVE-2025-0238 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-20T18:45:14Z

Weaknesses