This Red Hat security advisory addresses four high-severity vulnerabilities (CVE-2026-7320 through CVE-2026-7323, CVSS scores 7.3-7.5) in Firefox and Thunderbird, including memory safety bugs, an information disclosure in the Audio/Video component, and a sandbox escape in WebRTC Networking. Affected versions include Firefox versions prior to 115.35.1, 140.10.1, and 150.0.1, and Thunderbird versions prior to 140.10.1 and 150.0.1. The fix requires applying the Red Hat update for Firefox on RHEL 10.0 EUS, which incorporates the patched browser versions.
Red Hat Product Errata RHSA-2026:22408 - Security Advisory Issued: 2026-06-02 Updated: 2026-06-02 RHSA-2026:22408 - Security Advisory Overview Updated Packages Synopsis Important: firefox security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for firefox is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 (CVE-2026-7323) firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component (CVE-2026-7320) firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 (CVE-2026-7322) firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component (CVE-2026-7321) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64 Fixes BZ - 2463481 - CVE-2026-7323 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 BZ - 2463483 - CVE-2026-7320 firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component BZ - 2463484 - CVE-2026-7322 firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 BZ - 2463485 - CVE-2026-7321 firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component CVEs CVE-2026-7320 CVE-2026-7321 CVE-2026-7322 CVE-2026-7323 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 SRPM firefox-140.10.1-1.el10_0.src.rpm SHA-256: 2b6f09278ac41acb4c9e0419aa85db9ce35b2fbc4137d14fa97ce387171414f2 x86_64 firefox-140.10.1-1.el10_0.x86_64.rpm SHA-256: f83b587fe90b4aef7b5ed12f1ca29b5fe1dd0bc59ca160a7b3f5d9274f6472d2 firefox-debuginfo-140.10.1-1.el10_0.x86_64.rpm SHA-256: a20a9ddaa1fa05c3bc47efa71e36d536bdc4f0bec4bbcfc76961e7ba3721c89b firefox-debugsource-140.10.1-1.el10_0.x86_64.rpm SHA-256: 953d5246eaa45469a6cad8846f2de51b9a659f89b450cae0a43672c3dd536f1a Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 SRPM firefox-140.10.1-1.el10_0.src.rpm SHA-256: 2b6f09278ac41acb4c9e0419aa85db9ce35b2fbc4137d14fa97ce387171414f2 s390x firefox-140.10.1-1.el10_0.s390x.rpm SHA-256: e9b6d865e039aa3ec1a74b1a319badd0c1c60854a30a07711d9289a2d7295411 firefox-debuginfo-140.10.1-1.el10_0.s390x.rpm SHA-256: 7ec3bc11e3c488621a30641628fd35ddf9a479cd7d10cb446cae032fe6fbd3f2 firefox-debugsource-140.10.1-1.el10_0.s390x.rpm SHA-256: d0a9ce702a49da60155871fa64f3fa178b97f445cbdb31b191c5c0d05deafec2 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 SRPM firefox-140.10.1-1.el10_0.src.rpm SHA-256: 2b6f09278ac41acb4c9e0419aa85db9ce35b2fbc4137d14fa97ce387171414f2 ppc64le firefox-140.10.1-1.el10_0.ppc64le.rpm SHA-256: 288a5920760dd733e875c2c9b2ccc85bbe7c169459f10ea37e3dd34799eb38e8 firefox-debuginfo-140.10.1-1.el10_0.ppc64le.rpm SHA-256: b4d4b0f29d656a8fd746b0a3ba49257a46492f53633c24bf8c64cc296e480945 firefox-debugsource-140.10.1-1.el10_0.ppc64le.rpm SHA-256: 8740d580e8edb1a7cbe06f8db95d517d7da4ee7a85e289e074e554c2f42957dd Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 SRPM firefox-140.10.1-1.el10_0.src.rpm SHA-256: 2b6f09278ac41acb4c9e0419aa85db9ce35b2fbc4137d14fa97ce387171414f2 aarch64 firefox-140.10.1-1.el10_0.aarch64.rpm SHA-256: e327b8bfbce05e512e957aec5d0cd2ac36fc454018f2d4c3b569dfc2cac738d0 firefox-debuginfo-140.10.1-1.el10_0.aarch64.rpm SHA-256: c72392f740c8f1619e64eb09ab04b4a3a9f3b07281b323c20a3c383d5b72e15a firefox-debugsource-140.10.1-1.el10_0.aarch64.rpm SHA-256: f015c72ee9440591f0510a4962f952e38475369dd8351d535187f58c47246a5a Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 SRPM firefox-140.10.1-1.el10_0.src.rpm SHA-256: 2b6f09278ac41acb4c9e0419aa85db9ce35b2fbc4137d14fa97ce387171414f2 aarch64 firefox-140.10.1-1.el10_0.aarch64.rpm SHA-256: e327b8bfbce05e512e957aec5d0cd2ac36fc454018f2d4c3b569dfc2cac738d0 firefox-debuginfo-140.10.1-1.el10_0.aarch64.rpm SHA-256: c72392f740c8f1619e64eb09ab04b4a3a9f3b07281b323c20a3c383d5b72e15a firefox-debugsource-140.10.1-1.el10_0.aarch64.rpm SHA-256: f015c72ee9440591f0510a4962f952e38475369dd8351d535187f58c47246a5a Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 SRPM firefox-140.10.1-1.el10_0.src.rpm SHA-256: 2b6f09278ac41acb4c9e0419aa85db9ce35b2fbc4137d14fa97ce387171414f2 s390x firefox-140.10.1-1.el10_0.s390x.rpm SHA-256: e9b6d865e039aa3ec1a74b1a319badd0c1c60854a30a07711d9289a2d7295411 firefox-debuginfo-140.10.1-1.el10_0.s390x.rpm SHA-256: 7ec3bc11e3c488621a30641628fd35ddf9a479cd7d10cb446cae032fe6fbd3f2 firefox-debugsource-140.10.1-1.el10_0.s390x.rpm SHA-256: d0a9ce702a49da60155871fa64f3fa178b97f445cbdb31b191c5c0d05deafec2 Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 SRPM firefox-140.10.1-1.el10_0.src.rpm SHA-256: 2b6f09278ac41acb4c9e0419aa85db9ce35b2fbc4137d14fa97ce387171414f2 ppc64le firefox-140.10.1-1.el10_0.ppc64le.rpm SHA-256: 288a5920760dd733e875c2c9b2ccc85bbe7c169459f10ea37e3dd34799eb38e8 firefox-debuginfo-140.10.1-1.el10_0.ppc64le.rpm SHA-256: b4d4b0f29d656a8fd746b0a3ba49257a46492f53633c24bf8c64cc296e480945 firefox-debugsource-140.10.1-1.el10_0.ppc64le.rpm SHA-256: 8740d580e8edb1a7cbe06f8db95d517d7da4ee7a85e289e074e554c2f42957dd Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 SRPM firefox-140.10.1-1.el10_0.src.rpm SHA-256: 2b6f09278ac41acb4c9e0419aa85db9ce35b2fbc4137d14fa97ce387171414f2 x86_64 firefox-140.10.1-1.el10_0.x86_64.rpm SHA-256: f83b587fe90b4aef7b5ed12f1ca29b5fe1dd0bc59ca160a7b3f5d9274f6472d2 firefox-debuginfo-140.10.1-1.el10_0.x86_64.rpm SHA-256: a20a9ddaa1fa05c3bc47efa71e36d536bdc4f0bec4bbcfc76961e7ba3721c89b firefox-debugsource-140.10.1-1.el10_0.x86_64.rpm SHA-256: 953d5246eaa45469a6cad8846f2de51b9a659f89b450cae0a43672c3dd536f1a The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .