Firefox Vulnerability Allows Plaintext Passage on Intel Sandy Bridge

CVE-2024-7531

6.5MEDIUM

Key Information

Vendor: Mozilla
Status: Firefox; Firefox Esr
Vendor: CVE Published:; 6 August 2024

Summary

Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.

Affected Version(s)

Firefox < 129

Firefox ESR < 115.14

Firefox ESR < 128.1

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 6, 2024
Vulnerability Reserved.
Aug 5, 2024

Collectors

NVD DatabaseMitre Database

Credit

Lars Eggert