FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Mozilla -- Incorrect computation of branch address

Affected packages
firefox < 141.0,2
firefox-esr < 140.1
firefox-esr < 128.13
firefox-esr < 115.26
thunderbird < 141.0
thunderbird-esr < 140.1
thunderbird < 128.13

Details

VuXML ID 3e9406a7-685e-11f0-a12d-b42e991fc52e
Discovery 2025-07-22
Entry 2025-07-24

security@mozilla.org reports:

On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address.

[source]

References

CVE Name CVE-2025-8028
URL https://nvd.nist.gov/vuln/detail/CVE-2025-8028

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.