[Bug 245968] Firefox 75.0_2,1 & Chromium 81.0.4044.113 - Servere Security Issue

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Mon Apr 27 11:34:43 UTC 2020 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245968

            Bug ID: 245968
           Summary: Firefox 75.0_2,1 & Chromium 81.0.4044.113 - Servere
                    Security Issue
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs at FreeBSD.org
          Reporter: gwq_uk at yahoo.com

Created attachment 213850
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=213850&action=edit
Wireshark network monitoring log file

Hi All,

Firefox & Chromium appear to have been compromised with what looks like a
"backdoor".

I recently upgraded all my FreeBSD boxes to 12.1-p3 and ALL packages including
the latest Firefox i.e. 75.0.2_1

One of my FreeBSD 12.1 boxes uses WIFI (wpa) and after opening the Firefox
browser the WIFI network became extremely slow. So I installed Wireshark (GUI)
from packages to see what was happening.

With just Firefox running and Google's home page loaded, I saw WireShark
displaying dozens of WAN IP addresses connecting to my FreeBSD box. Network
traffic suddenly went very high, and it seems all of the connections were using
TCP ports 80 (HTTP) and 443 (HTTPS) through my machine.

With Firefox closed the WAN connections disappeared. Just to be clear, Firefox
was open but there was no web activity initiated by me.

To be absolutely sure, I systematically made sure that EVERY wired and wireless
device (that could possibly browse the internet) was switched off, changed the
WIFI ssid and password, and I ran the above tests again, I got the same result.

Would someone else run the same tests and confirm please?

** Method
- Install the latest Firefox & Wireshark from packages.
- Start Wireshark first (internet->wireshark), select your network adapter and
monitor the network - traffic to and from your machine.
- Start Firefox (or Chromium) only
- Now look at the network traffic to and from your IP address

I have attached a log, my IP address is 192.168.1.14 in the log, this file
should be opened in Wireshark only.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-ports-bugs mailing list