This week, Mozilla announced the release of Firefox 102 in the stable channel, with fixes for 19 vulnerabilities, four of them critical flaws.
The release fixes CVE-2022-34470, a high-severity use-after-free flaw in nsSHistory that was triggered while switching between XML documents and might result in a potentially exploitable crash.
Use-after-free vulnerabilities can lead to arbitrary code execution, data corruption, or denial of service and, when chained with additional weaknesses, can compromise the entire system. Malicious websites can use these flaws to escape a browser's sandbox.
Another high-severity bug fixed in Firefox 102 is CVE-2022-34468: a CSP sandbox header lacking “allow-scripts” could be bypassed via a retargeted javascript: URI. This problem makes it possible for an iframe to execute scripts without permission whenever a user clicks a javascript: link.
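As a defence-in-depth check for sites that rely on this header, the following JavaScript (Node.js) sketch flags javascript: links in a document whose CSP sandbox directive omits allow-scripts. It is an added example, not code from Mozilla or the original article; the function names, sample header and sample markup are constructed for illustration.

```javascript
// Added example (not Mozilla's code). Header values and markup are constructed.

// Parse a Content-Security-Policy header value into directive -> token list.
function parseCsp(headerValue) {
  const directives = new Map();
  for (const part of headerValue.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // Within one policy, only the first occurrence of a directive is used.
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

// True when a sandbox directive is present and does not grant allow-scripts.
function sandboxBlocksScripts(headerValue) {
  const sandbox = parseCsp(headerValue).get('sandbox');
  if (sandbox === undefined) return false;
  return !sandbox.some((t) => t.toLowerCase() === 'allow-scripts');
}

// List <a> tags whose href resolves to the javascript: scheme.
// Regex scan for illustration only; entity-encoded hrefs are not decoded.
function findJavascriptLinks(html) {
  const links = [];
  for (const [tag] of html.matchAll(/<a\b[^>]*>/gi)) {
    const href = /\shref\s*=\s*(["'])([\s\S]*?)\1/i.exec(tag);
    if (!href) continue;
    // URL parsers drop tab/newline characters and leading control/space.
    const url = href[2].replace(/[\t\n\r]/g, '').replace(/^[\u0000-\u0020]+/, '');
    if (!url.toLowerCase().startsWith('javascript:')) continue;
    const target = /\starget\s*=\s*(["'])(.*?)\1/i.exec(tag);
    links.push({ href: href[2], target: target ? target[2] : null });
  }
  return links;
}

// Report javascript: links in a document that depends on the sandbox to stop scripts.
function auditSandboxedDocument(cspHeader, html) {
  const blocked = sandboxBlocksScripts(cspHeader);
  return { sandboxBlocksScripts: blocked, riskyLinks: blocked ? findJavascriptLinks(html) : [] };
}

// Constructed sample input.
const SAMPLE_CSP = "sandbox allow-same-origin; default-src 'self'";
const SAMPLE_HTML = `<a href="/help">Help</a>
<a target="_top" href=" java\tscript:void(0)">Open</a>
<a href='https://example.com/?q=javascript:'>Search</a>`;
```

Any link this reports is worth removing or rewriting in the sandboxed content, so the page does not depend on the browser alone to keep scripts from running.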
The most recent version of Firefox also fixes the Linux-specific bug CVE-2022-34479, which allowed malicious websites to create popup windows that could be resized to cover the address bar with web content, potentially opening the door to spoofing attacks.
The CVE-2022-34484 designation covers a number of memory safety flaws, including several that “showed signs of JavaScript prototype or memory corruption and we assume that with enough effort any of them may have been exploited to run arbitrary code.”
Firefox 102 further enhances user privacy by mitigating query parameter tracking when browsing in Enhanced Tracking Protection (ETP) strict mode.
With ETP, Firefox prevents cross-site tracking by restricting cookies to the websites that created them. The new feature lets Firefox block particular tracking elements that websites use to get around the privacy safeguards set up by browsers.
In order to improve process isolation, Firefox 102 also performs audio decoding in a separate process with stronger sandboxing.