Primary

Context

Mozilla Firefox and Thunderbird File Descriptor Leak Vulnerability Allowing Privilege Escalation

Vulnerability

Patched

A vulnerability exists in Firefox versions prior to 137 and Thunderbird versions prior to 137, where file descriptors are leaked from the fork server to web content processes. This leak could potentially be exploited to escalate privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation.

Remediation

Users can upgrade to Firefox 137 or Thunderbird 137 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox and Thunderbird File Descriptor Leak Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

Mozilla Firefox

Mozilla Thunderbird

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating