Red Hat Product Errata RHSA-2026:24755 - Security Advisory Issued: 2026-06-09 Updated: 2026-06-09 RHSA-2026:24755 - Security Advisory Overview Updated Packages Synopsis Important: firefox security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for firefox is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): firefox: Other issue in the WebRTC component (CVE-2026-8094) firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2 (CVE-2026-8092) firefox: Use-after-free in the DOM: Networking component (CVE-2026-8090) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Fixes BZ - 2467706 - CVE-2026-8094 firefox: thunderbird: Other issue in the WebRTC component BZ - 2467708 - CVE-2026-8092 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2 BZ - 2467709 - CVE-2026-8090 firefox: thunderbird: Use-after-free in the DOM: Networking component CVEs CVE-2026-8090 CVE-2026-8092 CVE-2026-8094 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM firefox-140.10.2-1.el8_8.src.rpm SHA-256: c6d5d9907aee61f9f5a85e0cead365f20f4049e2bea4bb111557665456107a5f x86_64 firefox-140.10.2-1.el8_8.x86_64.rpm SHA-256: 62b9149b05eed96eeb6acaf081d01b8e6e1d095901edb2da90a0a6a5a4534795 firefox-debuginfo-140.10.2-1.el8_8.x86_64.rpm SHA-256: 614d5e7d5188dd38d6c58a0129c5dbcd79e256887c5c4604bb1f0e53fa83fe21 firefox-debugsource-140.10.2-1.el8_8.x86_64.rpm SHA-256: d80a0720c8d5c534a85e0e43d9fb02c3b1fe6fd9bc3623d987897ec7e4be7fbc Red Hat Enterprise Linux Server - TUS 8.8 SRPM firefox-140.10.2-1.el8_8.src.rpm SHA-256: c6d5d9907aee61f9f5a85e0cead365f20f4049e2bea4bb111557665456107a5f x86_64 firefox-140.10.2-1.el8_8.x86_64.rpm SHA-256: 62b9149b05eed96eeb6acaf081d01b8e6e1d095901edb2da90a0a6a5a4534795 firefox-debuginfo-140.10.2-1.el8_8.x86_64.rpm SHA-256: 614d5e7d5188dd38d6c58a0129c5dbcd79e256887c5c4604bb1f0e53fa83fe21 firefox-debugsource-140.10.2-1.el8_8.x86_64.rpm SHA-256: d80a0720c8d5c534a85e0e43d9fb02c3b1fe6fd9bc3623d987897ec7e4be7fbc Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM firefox-140.10.2-1.el8_8.src.rpm SHA-256: c6d5d9907aee61f9f5a85e0cead365f20f4049e2bea4bb111557665456107a5f ppc64le firefox-140.10.2-1.el8_8.ppc64le.rpm SHA-256: 4c849ebc7762f4d7a5db215966ab3542754203a67acb1d4b24f10f5d949904dc firefox-debuginfo-140.10.2-1.el8_8.ppc64le.rpm SHA-256: 0b01d297a3354ef3e9cbe312814c962d05714588de9615170ed69ee228142846 firefox-debugsource-140.10.2-1.el8_8.ppc64le.rpm SHA-256: f0389f6e655fcfb4d2b621d22d68c3114eea7b4b7df3c4c00939ddb61fda7ea4 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 SRPM firefox-140.10.2-1.el8_8.src.rpm SHA-256: c6d5d9907aee61f9f5a85e0cead365f20f4049e2bea4bb111557665456107a5f x86_64 firefox-140.10.2-1.el8_8.x86_64.rpm SHA-256: 62b9149b05eed96eeb6acaf081d01b8e6e1d095901edb2da90a0a6a5a4534795 firefox-debuginfo-140.10.2-1.el8_8.x86_64.rpm SHA-256: 614d5e7d5188dd38d6c58a0129c5dbcd79e256887c5c4604bb1f0e53fa83fe21 firefox-debugsource-140.10.2-1.el8_8.x86_64.rpm SHA-256: d80a0720c8d5c534a85e0e43d9fb02c3b1fe6fd9bc3623d987897ec7e4be7fbc The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .