Firefox Vulnerability: Use-After-Free Due to Incorrect Reference Count
CVE-2024-3861

Currently unrated

Key Information:

Vendor

Mozilla
Status
Firefox
Firefox Esr
Thunderbird
Vendor
CVE Published:
16 April 2024

What is CVE-2024-3861?

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Firefox < 125

Firefox ESR < 115.10

Thunderbird < 115.10

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1883158
https://lists.debian.org/debian-lts-announce/2024/04/msg0...
https://lists.debian.org/debian-lts-announce/2024/04/msg0...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ronald Crane
JSON
.