CVE-2025-9179

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-9179

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-9179.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-9179

Downstream

DEBIAN-CVE-2025-9179

DLA-4277-1

DLA-4279-1

DSA-5980-1

DSA-5984-1

OESA-2025-2094

OESA-2025-2095

OESA-2025-2096

OESA-2025-2097

OESA-2025-2099

OESA-2025-2292

RHSA-2025:14416

RHSA-2025:14417

RHSA-2025:14442

RHSA-2025:14640

RHSA-2025:14743

RHSA-2025:14844

RHSA-2025:15418

RHSA-2025:15419

RHSA-2025:15420

RHSA-2025:15421

RHSA-2025:15422

RHSA-2025:15423

RHSA-2025:15424

RHSA-2025:15430

RHSA-2025:15434

RHSA-2025:15435

RHSA-2025:15436

RHSA-2025:15437

RHSA-2025:15438

RHSA-2025:15496

RHSA-2025:15535

RLSA-2025:14416

RLSA-2025:14417

RLSA-2025:14442

RLSA-2025:14743

RLSA-2025:14844

SUSE-SU-2025:03007-1

SUSE-SU-2025:03008-1

SUSE-SU-2025:03009-1

UBUNTU-CVE-2025-9179

USN-7991-1

Related

Withdrawn

2026-01-27T04:20:14.780633Z

Published

2025-08-19T21:15:30Z

Modified

2026-01-27T04:20:14.780633Z

Summary

[none]

Details

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.

References

Affected packages