Red Hat Product Errata RHSA-2026:22847 - Security Advisory Issued: 2026-06-03 Updated: 2026-06-03 RHSA-2026:22847 - Security Advisory Overview Updated Packages Synopsis Important: firefox security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for firefox is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 (CVE-2026-7323) firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component (CVE-2026-7320) firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 (CVE-2026-7322) firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component (CVE-2026-7321) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Fixes BZ - 2463481 - CVE-2026-7323 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 BZ - 2463483 - CVE-2026-7320 firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component BZ - 2463484 - CVE-2026-7322 firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 BZ - 2463485 - CVE-2026-7321 firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component CVEs CVE-2026-7320 CVE-2026-7321 CVE-2026-7322 CVE-2026-7323 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM firefox-140.10.1-1.el8_8.src.rpm SHA-256: b91bd2832b5ee760295dc5f1f4bc5183d34d8fbc7c03177b347a7164431b7fb6 x86_64 firefox-140.10.1-1.el8_8.x86_64.rpm SHA-256: 70c46269ed2d5f13192d603886e37814dc006c750502fc836c93c4e518cca67d firefox-debuginfo-140.10.1-1.el8_8.x86_64.rpm SHA-256: 95154336ae6782b979a8eaec341ae751916a09128654ccc1c87bc3c65a8c4c43 firefox-debugsource-140.10.1-1.el8_8.x86_64.rpm SHA-256: 91d7205924754bd13021b1ece7bbc78b8ee95aaf685d8c5b647709dcdc16ff84 Red Hat Enterprise Linux Server - TUS 8.8 SRPM firefox-140.10.1-1.el8_8.src.rpm SHA-256: b91bd2832b5ee760295dc5f1f4bc5183d34d8fbc7c03177b347a7164431b7fb6 x86_64 firefox-140.10.1-1.el8_8.x86_64.rpm SHA-256: 70c46269ed2d5f13192d603886e37814dc006c750502fc836c93c4e518cca67d firefox-debuginfo-140.10.1-1.el8_8.x86_64.rpm SHA-256: 95154336ae6782b979a8eaec341ae751916a09128654ccc1c87bc3c65a8c4c43 firefox-debugsource-140.10.1-1.el8_8.x86_64.rpm SHA-256: 91d7205924754bd13021b1ece7bbc78b8ee95aaf685d8c5b647709dcdc16ff84 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM firefox-140.10.1-1.el8_8.src.rpm SHA-256: b91bd2832b5ee760295dc5f1f4bc5183d34d8fbc7c03177b347a7164431b7fb6 ppc64le firefox-140.10.1-1.el8_8.ppc64le.rpm SHA-256: 5f489751233d87c8010abd7621f129e77f4f9cfc5ff8294e737397c18141db0c firefox-debuginfo-140.10.1-1.el8_8.ppc64le.rpm SHA-256: 11fd44c6ae49b0c43688e6f594642a69911ed3c1b197bc31af1cad268ad4c8c3 firefox-debugsource-140.10.1-1.el8_8.ppc64le.rpm SHA-256: 877a8eb53e22105b5631b7f178686eb7ef59323c3773dd3c48dde214337080d3 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 SRPM firefox-140.10.1-1.el8_8.src.rpm SHA-256: b91bd2832b5ee760295dc5f1f4bc5183d34d8fbc7c03177b347a7164431b7fb6 x86_64 firefox-140.10.1-1.el8_8.x86_64.rpm SHA-256: 70c46269ed2d5f13192d603886e37814dc006c750502fc836c93c4e518cca67d firefox-debuginfo-140.10.1-1.el8_8.x86_64.rpm SHA-256: 95154336ae6782b979a8eaec341ae751916a09128654ccc1c87bc3c65a8c4c43 firefox-debugsource-140.10.1-1.el8_8.x86_64.rpm SHA-256: 91d7205924754bd13021b1ece7bbc78b8ee95aaf685d8c5b647709dcdc16ff84 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .