Description
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.
Published: 2025-02-04
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability consists of memory safety bugs in multiple versions of Firefox and Thunderbird that can lead to unintended memory corruption. The bugs are reported as potential buffer over-read and buffer overflow weaknesses (CWE‑120, CWE‑787). If successfully exploited, the attacker could gain arbitrary code execution within the context of the vulnerable application.

Affected Systems

Affected products include Mozilla Firefox versions 134 and Firefox ESR 128.6, Mozilla Thunderbird versions 134 and Thunderbird ESR 128.6. Systems running these versions on any platform are at risk until the updated patches are installed. The patches are available for all supported operating systems, including the Red Hat Enterprise Linux families referenced in the advisory.

Risk and Exploitability

The CVSS score of 9.8 indicates a high severity and the low EPSS score of <1% suggests that exploitation is currently unlikely. The vulnerability is not listed in CISA’s KEV catalog. The known exploited form is not documented, but based on the memory corruption nature, a local attacker who can supply crafted input or trigger native code paths has a plausible exploitation path that could eventually lead to arbitrary code execution.

Generated by OpenCVE AI on April 20, 2026 at 23:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Firefox 135, Thunderbird 135, Firefox ESR 128.7, or Thunderbird ESR 128.7 to apply the memory safety fixes.
  • Verify that the operating system has installed the latest available packages for Firefox and Thunderbird, as some distributions provide backport patches.
  • If a patch is not yet available for your platform, restrict the execution of these browsers to a trusted network segment and monitor for suspicious activity until a fix is released.

Generated by OpenCVE AI on April 20, 2026 at 23:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4044-1 firefox-esr security update
Debian DLA Debian DLA DLA-4045-1 thunderbird security update
Debian DSA Debian DSA DSA-5858-1 firefox-esr security update
Debian DSA Debian DSA DSA-5860-1 thunderbird security update
EUVD EUVD EUVD-2025-1972 Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
Ubuntu USN Ubuntu USN USN-7263-1 Firefox vulnerabilities
Ubuntu USN Ubuntu USN USN-7663-1 Thunderbird vulnerabilities
History

Mon, 13 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.
Title firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7

Mon, 03 Nov 2025 21:30:00 +0000

Type Values Removed Values Added
References

Tue, 15 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00168}

 epss

{'score': 0.00238}

Thu, 13 Feb 2025 01:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:8

Fri, 07 Feb 2025 14:30:00 +0000

Type Values Removed Values Added
Title firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7
First Time appeared Redhat
Redhat enterprise Linux
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Els
Redhat rhel Eus
Redhat rhel Tus
Weaknesses CWE-120
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/a:redhat:rhel_aus:8.2
cpe:/a:redhat:rhel_aus:8.4
cpe:/a:redhat:rhel_aus:8.6
cpe:/a:redhat:rhel_e4s:8.4
cpe:/a:redhat:rhel_e4s:8.6
cpe:/a:redhat:rhel_e4s:9.0
cpe:/a:redhat:rhel_eus:8.8
cpe:/a:redhat:rhel_eus:9.2
cpe:/a:redhat:rhel_eus:9.4
cpe:/a:redhat:rhel_tus:8.4
cpe:/a:redhat:rhel_tus:8.6
cpe:/o:redhat:rhel_els:7
Vendors & Products Redhat
Redhat enterprise Linux
Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Els
Redhat rhel Eus
Redhat rhel Tus
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 06 Feb 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 06 Feb 2025 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla
Mozilla firefox
Mozilla thunderbird
Weaknesses CWE-787
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:-:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:esr:*:*:*
Vendors & Products Mozilla
Mozilla firefox
Mozilla thunderbird
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Tue, 04 Feb 2025 14:15:00 +0000

Type Values Removed Values Added
Description Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135.
References

Subscriptions

Mozilla Firefox Thunderbird
Redhat Enterprise Linux Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Tus
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:25:23.811Z

Reserved: 2025-02-04T07:26:42.287Z

Link: CVE-2025-1017

cve-icon Vulnrichment

Updated: 2025-11-03T20:57:00.637Z

cve-icon NVD

Status : Modified

Published: 2025-02-04T14:15:32.600

Modified: 2026-04-13T15:16:50.647

Link: CVE-2025-1017

cve-icon Redhat

Severity : Moderate

Publid Date: 2025-02-04T13:58:56Z

Links: CVE-2025-1017 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-21T00:00:13Z

Weaknesses