Vulnerability CVE-2024-2614: Information

Description

Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-2614
Published: March 19, 2024
Modified: March 25, 2024

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus124.0-alt1126.0-alt1ALT-PU-2024-4271-2343190Fixed
firefoxsisyphus_riscv64124.0.1-alt0.port125.0.3-alt0.portALT-PU-2024-6052-1-Fixed
firefoxsisyphus_loongarch64124.0-alt1.0.port126.0-alt1.0.portALT-PU-2024-4597-1-Fixed
firefox-esrsisyphus115.9.1-alt1115.10.0-alt1ALT-PU-2024-4963-2344244Fixed
firefox-esrsisyphus_loongarch64115.9.1-alt1115.10.0-alt1ALT-PU-2024-5937-1-Fixed
firefox-esrp10115.9.1-alt1115.10.0-alt1ALT-PU-2024-4971-3344254Fixed
firefox-esrc10f1115.9.1-alt0.c10.1115.9.1-alt0.c10.1ALT-PU-2024-6027-2344289Fixed
thunderbirdsisyphus115.9.0-alt1115.9.0-alt1ALT-PU-2024-4973-2344245Fixed
thunderbirdsisyphus_loongarch64115.9.0-alt1115.9.0-alt1ALT-PU-2024-5939-1-Fixed
thunderbirdp10115.9.0-alt1115.9.0-alt1ALT-PU-2024-5117-3344280Fixed
thunderbirdc10f1115.9.0-alt0.c10.1115.9.0-alt0.c10.1ALT-PU-2024-6213-2344693Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
    https://www.mozilla.org/security/advisories/mfsa2024-12/
      https://www.mozilla.org/security/advisories/mfsa2024-13/
        https://www.mozilla.org/security/advisories/mfsa2024-14/
          https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html
            https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html
              VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
              Version: v24.5.1
              Back to top