Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-9792 — Out-of-bounds Write in Mozilla Firefox
Severity
9.8CRITICALNVD
EPSS
18.9%
top 4.69%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedApr 26
Latest updateMay 24
Description
The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages6 packages
Also affects: Enterprise Linux 8.0, 8.1, 8.2, 8.4
🔴Vulnerability Details
8GHSA▶
GHSA-83fw-4w4c-4v29: The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout↗2022-05-24
CVEList▶
CVE-2019-9792: The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout↗2019-04-26
OSV▶
CVE-2019-9792: The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout↗2019-04-26
💥Exploits & PoCs
1📋Vendor Advisories
5Debian▶
CVE-2019-9792: firefox - The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT ...↗2019