Minor firefox DoS - semi silently polluting ~/Downloads with files (part 2)

Read Time:27 Second

Posted by Georgi Guninski on Jan 18

Minor firefox DoS – semi silently polluting ~/Downloads with files (part 2)

Tested on: firefox 121 and chrome 120 on GNU/linux

Date: Thu Jan 18 08:38:28 AM UTC 2024

This is barely a DoS, but since it might affect Chrome too we decided
to disclose it.

If firefox user visits a specially crafted page, then firefox
may create many files in `~/Downloads`,
The user is notified about this in a small dialog, but there is
no option to stop the…

python-setuptools-69.0.3-4.fc40

FEDORA-2024-247e9ba33a Packages in this update: python-setuptools-69.0.3-4.fc40 Update description: Security fix for CVE-2024-6345. Read More

July 26, 2024

python-setuptools-67.7.2-8.fc39

FEDORA-2024-9ed182a5d3 Packages in this update: python-setuptools-67.7.2-8.fc39 Update description: Security fix for CVE-2024-6345. Read More

July 26, 2024

USN-6919-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...

July 26, 2024

USN-6918-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings...

July 26, 2024

USN-6917-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...

July 26, 2024

curl-8.6.0-9.fc40

FEDORA-2024-a7976ba89f Packages in this update: curl-8.6.0-9.fc40 Update description: fix freeing stack buffer in utf8asn1str (CVE-2024-6197) Read More

July 26, 2024

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

Friday Squid Blogging: Sunscreen from Squid Pigments

Compromising the Secure Boot Process

Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain

Hacktivists Claim Leak of CrowdStrike Threat Intelligence

CrowdStrike Falcon Outage Exploited for Social Engineering

Despite Bans, AI Code Tools Widespread in Organizations

North Korean Hackers Target Critical Infrastructure for Military Gain

The CrowdStrike Outage and Market-Driven Brittleness

Minor firefox DoS – semi silently polluting ~/Downloads with files (part 2)

python-setuptools-69.0.3-4.fc40

python-setuptools-67.7.2-8.fc39

USN-6919-1: Linux kernel vulnerabilities

USN-6918-1: Linux kernel vulnerabilities

USN-6917-1: Linux kernel vulnerabilities

curl-8.6.0-9.fc40