CVE-2024-6603Use of Out-of-range Pointer Offset in Mozilla Firefox

CWE-823Use of Out-of-range Pointer OffsetCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer13 documents9 sources
Severity
7.4HIGHNVD
EPSS
0.3%
top 42.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mozilla FirefoxMozilla Firefox ESRMozilla Thunderbird
Timeline
PublishedJul 9
Latest updateJul 22

Description

In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages6 packages

CVEListV5mozilla/firefoxunspecified128
NVDmozilla/firefox< 115.13+1
CVEListV5mozilla/firefox_esrunspecified115.13
CVEListV5mozilla/thunderbirdunspecified115.13+1
NVDmozilla/thunderbird116.0128.0+1

🔴Vulnerability Details

3
GHSA
GHSA-j476-hf2q-984g: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption2024-07-09
OSV
CVE-2024-6603: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption2024-07-09
CVEList
Memory corruption in thread creation2024-07-09

📋Vendor Advisories

9
Ubuntu
Thunderbird vulnerabilities2024-07-22
Ubuntu
Firefox vulnerabilities2024-07-10
Microsoft
In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 112024-07-09
Red Hat
Mozilla: Memory corruption in thread creation2024-07-09
Debian
CVE-2024-6603: firefox - In an out-of-memory scenario an allocation could fail but free would have been c...2024
CVE-2024-6603 — Use of Out-of-range Pointer Offset | cvebase