Red Hat Product Errata RHSA-2026:19370 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19370 - Security Advisory Overview Updated Packages Synopsis Important: firefox security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 (CVE-2026-7323) firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component (CVE-2026-7320) firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 (CVE-2026-7322) firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component (CVE-2026-7321) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2463481 - CVE-2026-7323 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 BZ - 2463483 - CVE-2026-7320 firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component BZ - 2463484 - CVE-2026-7322 firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 BZ - 2463485 - CVE-2026-7321 firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component CVEs CVE-2026-7320 CVE-2026-7321 CVE-2026-7322 CVE-2026-7323 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f x86_64 firefox-140.10.1-1.el9_8.x86_64.rpm SHA-256: 67ea95deaf299a823228c6ae9c4dbe5cee01da30c1a4f1ac38b0488f06e220e1 firefox-debuginfo-140.10.1-1.el9_8.x86_64.rpm SHA-256: 506aceb0eeb66f670b85e4783090b982e11b57ed2d4ff129959479a1cf08e28a firefox-debugsource-140.10.1-1.el9_8.x86_64.rpm SHA-256: 5f2f3c6971fe16207b2b0a629af3da56d68bf88561d87df7186e87227dccdd23 firefox-x11-140.10.1-1.el9_8.x86_64.rpm SHA-256: 09e2f90c629603f6193e544fd39fc1634f873bf2865ac1d8183037631ff02a8d Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f x86_64 firefox-140.10.1-1.el9_8.x86_64.rpm SHA-256: 67ea95deaf299a823228c6ae9c4dbe5cee01da30c1a4f1ac38b0488f06e220e1 firefox-debuginfo-140.10.1-1.el9_8.x86_64.rpm SHA-256: 506aceb0eeb66f670b85e4783090b982e11b57ed2d4ff129959479a1cf08e28a firefox-debugsource-140.10.1-1.el9_8.x86_64.rpm SHA-256: 5f2f3c6971fe16207b2b0a629af3da56d68bf88561d87df7186e87227dccdd23 firefox-x11-140.10.1-1.el9_8.x86_64.rpm SHA-256: 09e2f90c629603f6193e544fd39fc1634f873bf2865ac1d8183037631ff02a8d Red Hat Enterprise Linux for IBM z Systems 9 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f s390x firefox-140.10.1-1.el9_8.s390x.rpm SHA-256: 42ce93a9545093d0e76d2da5055d52171269685b45f80f9789626713f4709670 firefox-debuginfo-140.10.1-1.el9_8.s390x.rpm SHA-256: e0afd7ef6b1858ea0309826188d85885aa5b6896a9647f19593fd62be5ab878d firefox-debugsource-140.10.1-1.el9_8.s390x.rpm SHA-256: 986bae188b72ddcd3650dc89746b05ebd83f5dcedc2aae23d1528ddb46629290 firefox-x11-140.10.1-1.el9_8.s390x.rpm SHA-256: 9e5e3f7c666be2fd7d6cf1f802990f9bc9b28a475dc1344de4eb93150e45f8ab Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f s390x firefox-140.10.1-1.el9_8.s390x.rpm SHA-256: 42ce93a9545093d0e76d2da5055d52171269685b45f80f9789626713f4709670 firefox-debuginfo-140.10.1-1.el9_8.s390x.rpm SHA-256: e0afd7ef6b1858ea0309826188d85885aa5b6896a9647f19593fd62be5ab878d firefox-debugsource-140.10.1-1.el9_8.s390x.rpm SHA-256: 986bae188b72ddcd3650dc89746b05ebd83f5dcedc2aae23d1528ddb46629290 firefox-x11-140.10.1-1.el9_8.s390x.rpm SHA-256: 9e5e3f7c666be2fd7d6cf1f802990f9bc9b28a475dc1344de4eb93150e45f8ab Red Hat Enterprise Linux for Power, little endian 9 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f ppc64le firefox-140.10.1-1.el9_8.ppc64le.rpm SHA-256: f8f263625d32d341b2cbe5662e870e25bcf916a939b2a1f8b7b66ae4bf6581e7 firefox-debuginfo-140.10.1-1.el9_8.ppc64le.rpm SHA-256: dc96c1d8dc66415f32390ae5e132f7e0f9730846363d25a81431d8780431cc5f firefox-debugsource-140.10.1-1.el9_8.ppc64le.rpm SHA-256: 3bbbb9ab675d19bb2f1fbe3350e29994da51b277cf9b125ecbdfc8280f44ccca firefox-x11-140.10.1-1.el9_8.ppc64le.rpm SHA-256: 7399d4417f2f59c98723a2610146b1992d07e195d189d531ad6878bb8531aff2 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f ppc64le firefox-140.10.1-1.el9_8.ppc64le.rpm SHA-256: f8f263625d32d341b2cbe5662e870e25bcf916a939b2a1f8b7b66ae4bf6581e7 firefox-debuginfo-140.10.1-1.el9_8.ppc64le.rpm SHA-256: dc96c1d8dc66415f32390ae5e132f7e0f9730846363d25a81431d8780431cc5f firefox-debugsource-140.10.1-1.el9_8.ppc64le.rpm SHA-256: 3bbbb9ab675d19bb2f1fbe3350e29994da51b277cf9b125ecbdfc8280f44ccca firefox-x11-140.10.1-1.el9_8.ppc64le.rpm SHA-256: 7399d4417f2f59c98723a2610146b1992d07e195d189d531ad6878bb8531aff2 Red Hat Enterprise Linux for ARM 64 9 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f aarch64 firefox-140.10.1-1.el9_8.aarch64.rpm SHA-256: cac826b9170fb5513ee9aea95331b466bae2f9ebb4cd42410b24e6a4c86cf193 firefox-debuginfo-140.10.1-1.el9_8.aarch64.rpm SHA-256: 27deb8897bdc9bd2d8b14ca00fd68da340dae5efa7b154ffaa1fdd2f977c3298 firefox-debugsource-140.10.1-1.el9_8.aarch64.rpm SHA-256: 7f5f63d6fb232a92ce6cb982572564f150345294030d1d222b5fd73f2a26bc63 firefox-x11-140.10.1-1.el9_8.aarch64.rpm SHA-256: befc17b3fbc59e49b1e7ca361a985b7780acf34d9040d78c4bd4153713a0994d Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f aarch64 firefox-140.10.1-1.el9_8.aarch64.rpm SHA-256: cac826b9170fb5513ee9aea95331b466bae2f9ebb4cd42410b24e6a4c86cf193 firefox-debuginfo-140.10.1-1.el9_8.aarch64.rpm SHA-256: 27deb8897bdc9bd2d8b14ca00fd68da340dae5efa7b154ffaa1fdd2f977c3298 firefox-debugsource-140.10.1-1.el9_8.aarch64.rpm SHA-256: 7f5f63d6fb232a92ce6cb982572564f150345294030d1d222b5fd73f2a26bc63 firefox-x11-140.10.1-1.el9_8.aarch64.rpm SHA-256: befc17b3fbc59e49b1e7ca361a985b7780acf34d9040d78c4bd4153713a0994d Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f ppc64le firefox-140.10.1-1.el9_8.ppc64le.rpm SHA-256: f8f263625d32d341b2cbe5662e870e25bcf916a939b2a1f8b7b66ae4bf6581e7 firefox-debuginfo-140.10.1-1.el9_8.ppc64le.rpm SHA-256: dc96c1d8dc66415f32390ae5e132f7e0f9730846363d25a81431d8780431cc5f firefox-debugsource-140.10.1-1.el9_8.ppc64le.rpm SHA-256: 3bbbb9ab675d19bb2f1fbe3350e29994da51b277cf9b125ecbdfc8280f44ccca firefox-x11-140.10.1-1.el9_8.ppc64le.rpm SHA-256: 7399d4417f2f59c98723a2610146b1992d07e195d189d531ad6878bb8531aff2 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 SRPM firefox-140.10.1-1.el9_8.src.rpm SHA-256: 944df97f25a1925c120219b6e52db5ec68bbd80395a633629f9c8be99260416f x86_64 firefox-140.10.1-1.el9_8.x86_64.rpm SHA-256: 67ea95deaf299a823228c6ae9c4dbe5cee01da30c1a4f1ac38b0488f06e220e1 firefox-debuginfo-140.10.1-1.el9_8.x86_64.rpm SHA-256: 506aceb0eeb66f670b85e4783090b982e11b57ed2d4ff129959479a1cf08e28a firefox-debugsource-140.10.1-1.el9_8.x86_64.rpm SHA-256: 5f2f3c6971fe16207b2b0a629af3da56d68bf88561d87df7186e87227dccdd23 firefox-x11-140.1