CVE-2024-6609: When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird…

CVE-2024-6601 [MEDIUM] firefox vulnerabilities firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-6601, CVE-2024-6604, CVE-2024-6607, CVE-2024-6608, CVE-2024-6610, CVE-2024-6611, CVE-2024-6612, CVE-2024-6613, CVE-2024-6614, CVE-2024-6615) It was discovered that Firefox did not properly manage certain memory operations in the NSS. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-6602, CVE-2024-6609) Irvan Kurniawan discovered that Firefox did not properly manage memory during thread creation. An attacker could potentially exp

CVE-2024-6609 [HIGH] CVE-2024-6609: When almost out-of-memory an elliptic curve key which was never allocated could have been freed again When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CVE-2024-6609 [HIGH] GHSA-xcm3-jhmr-9fhh: When almost out-of-memory an elliptic curve key which was never allocated could have been freed again When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128.

CVE-2024-6612 [MEDIUM] Firefox vulnerabilities Title: Firefox vulnerabilities Summary: Several security issues were fixed in Firefox. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-6601, CVE-2024-6604, CVE-2024-6607, CVE-2024-6608, CVE-2024-6610, CVE-2024-6611, CVE-2024-6612, CVE-2024-6613, CVE-2024-6614, CVE-2024-6615) It was discovered that Firefox did not properly manage certain memory operations in the NSS. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-6602, CVE-2024-6609) Irvan Kurniawan discovered that Firefox did not properly manage

CVE-2024-6609 [HIGH] CVE-2024-6609: firefox - When almost out-of-memory an elliptic curve key which was never allocated could ... When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128. Scope: local sid: resolved (fixed in 128.0-1)

CVE-2024-6609 [HIGH] Mozilla Foundation Security Advisory 2024-32: CVE-2024-6609 Mozilla Foundation Security Advisory 2024-32 CVE: CVE-2024-6609 Product: Thunderbird Impact: high Fixed in: Thunderbird 128

CVE-2024-6609 [HIGH] Mozilla Foundation Security Advisory 2024-29: CVE-2024-6609 Mozilla Foundation Security Advisory 2024-29 CVE: CVE-2024-6609 Product: Firefox Impact: high Fixed in: Firefox 128

AddressSanitizer: global-buffer-overflow on NSS PORT_FreeArena_Util -> PL_ClearArenaPool after calloc and malloc failure AddressSanitizer: global-buffer-overflow on NSS PORT_FreeArena_Util -> PL_ClearArenaPool after calloc and malloc failure Created attachment 9339911 asan-global-buffer-overflow-read-8.txt When running `new RTCPeerConnection()` and fillMemory using JS code to exhaust the process virtual memory, on Firefox compiled with AddressSanitizer, I able to hit `AddressSanitizer: global-buffer-overflow`, sometimes it hit SEGV on unknown address, and sometimes "fault was caused by a dereference of a high value address" is included, it hit on NSS `PORT_FreeArena_Util` -> `PL_ClearArenaPool`, this one is quite rare to trigger on ASan, compared to Bug 1838197 is very common. I've investigated for a days, it caused after calloc failure on [`ec_NewKey`](https://searchfox.org/mozilla-central/source/securit