Unrated severityNVD Advisory· Published Oct 18, 2018· Updated Aug 5, 2024
CVE-2018-12367
CVE-2018-12367
Description
In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11<60.1+ 3 more
- (no CPE)range: <60.1
- (no CPE)range: <61
- (no CPE)range: unspecified
- (no CPE)range: unspecified
<60+ 1 more
- (no CPE)range: <60
- (no CPE)range: unspecified
- osv-coords5 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Package%20Hub%2012
< 128.5.1-1.1+ 4 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 92.0-1.2
- (no CPE)range: < 91.1.1-1.1
- (no CPE)range: < 60.2.1-3.13.1
- (no CPE)range: < 60.3.0-74.2
Patches
Vulnerability mechanics
References
11- security.gentoo.org/glsa/201810-01mitrevendor-advisoryx_refsource_GENTOO
- security.gentoo.org/glsa/201811-13mitrevendor-advisoryx_refsource_GENTOO
- usn.ubuntu.com/3705-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2018/dsa-4295mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/104561mitrevdb-entryx_refsource_BID
- www.securitytracker.com/id/1041193mitrevdb-entryx_refsource_SECTRACK
- bugzilla.mozilla.org/show_bug.cgimitrex_refsource_CONFIRM
- lists.debian.org/debian-lts-announce/2018/11/msg00011.htmlmitremailing-listx_refsource_MLIST
- www.mozilla.org/security/advisories/mfsa2018-15/mitrex_refsource_CONFIRM
- www.mozilla.org/security/advisories/mfsa2018-16/mitrex_refsource_CONFIRM
- www.mozilla.org/security/advisories/mfsa2018-19/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.