ClickCease Firefox 122 Released with 15 Security Fixes

Content Table

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Firefox 122 Released with 15 Security Fixes

Rohan Timalsina

February 7, 2024 - TuxCare expert team

Mozilla released the new version of its popular browser, Firefox 122, on January 23, 2024. It came 1 month and 5 days after the previous Firefox 121 and brings several new features and improvements along with various security fixes. In this article, we will explore the high-severity vulnerabilities addressed in the recent Firefox security updates.


High-Severity Vulnerabilities Fixed in Firefox 122



This out-of-bounds write vulnerability in ANGLE ((Almost Native Graphics Layer Engine) could allow an attacker to corrupt memory leading to a potentially exploitable crash.



Certain browser prompts and dialogs could be unintentionally activated or dismissed by users due to an incorrect timestamp used to prevent input after page load.



Firefox 122 addressed an unchecked return value in the TLS handshake code which could potentially result in an exploitable crash.



Under certain conditions, JIT compiled code could have dereferenced a wild pointer value, posing a risk of an exploitable crash.



Firefox 122 also patched a stack buffer overflow issue in the WebAudio OscillatorNode object which could result in a potentially exploitable crash.


Other Security Vulnerabilities Fixed


All remaining vulnerabilities are classified as medium severity having a moderate impact on Firefox, which include:

CVE-2024-0746: Opening the print preview dialog on Linux could lead to a browser crash.

CVE-2024-0748: A compromised content process could have modified the document URI, enabling an attacker to set an arbitrary URI in the address bar or history.

CVE-2024-0749: A phishing site could repurpose an about: dialog to display phishing content with an incorrect origin in the address bar.

CVE-2024-0750: Firefox 122 fixed a bug in popup notifications delay calculation which could allow an attacker to deceive a user into granting permissions.

CVE-2024-0751: A malicious devtools extension could be utilized for privilege escalation.


Firefox 122 DEB Package


Firefox finally ships with a .deb package for Linux users on Ubuntu, Debian, and Linux Mint. The official Firefox DEB package ensures enhanced performance through advanced compiler-based optimizations, secure binaries with all security flags activated during compilation, swift access to the latest updates, and seamless browsing without the necessity to restart Firefox after upgrading the package.




Many Linux distributions, including Ubuntu and Debian, have already rolled out security updates, addressing the above Firefox vulnerabilities. It is essential to update the existing Firefox installations to get the latest versions and ensure a secure browsing experience. You can also find the official binary or DEB packages of Firefox 122 on the download page.


The sources for this article include a story from MFSA 2024-01.

Firefox 122 Released with 15 Security Fixes
Article Name
Firefox 122 Released with 15 Security Fixes
Mozilla addresses 15 vulnerabilities in the Firefox 122 release, including 5 high-severity flaws. Learn more about new fixes and updates.
Publisher Name
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Become a TuxCare Guest Writer

Get started




Linux & Open Source

Subscribe to
our newsletter