CVE-2024-3861 — Use After Free in Mozilla Firefox

CWE-416 — Use After Free11 documents8 sources

Severity

4.0MEDIUMNVD

EPSS

0.1%

top 67.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird +1 more

Timeline

PublishedApr 16

Latest updateApr 25

Description

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.5 | Impact: 1.4

Affected Packages6 packages

▶CVEListV5mozilla/firefoxunspecified — 125

▶NVDmozilla/firefox< 115.0+1

▶CVEListV5mozilla/firefox_esrunspecified — 115.10

▶CVEListV5mozilla/thunderbirdunspecified — 115.10

▶NVDmozilla/thunderbird< 115.0

Also affects: Debian Linux 10.0

🔴Vulnerability Details

OSV

CVE-2024-3861: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free↗2024-04-16

▶

GHSA

GHSA-mvc5-vcrh-v937: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free↗2024-04-16

▶

CVEList

CVE-2024-3861: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free↗2024-04-16

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2024-04-25

▶

Ubuntu

Firefox vulnerabilities↗2024-04-24

▶

Red Hat

Mozilla: Potential use-after-free due to AlignedBuffer self-move↗2024-04-16

▶

Debian

CVE-2024-3861: firefox - If an AlignedBuffer were assigned to itself, the subsequent self-move could resu...↗2024

▶

Mozilla

Mozilla Foundation Security Advisory 2024-19: CVE-2024-3861↗

▶