Lucene search
Ubuntu.comUB:CVE-2024-2606HistoryMar 19, 2024 - 12:00 a.m.
CVE-2024-2606
2024-03-1900:00:00
ubuntu.com
ubuntu.com
15
cve-2024-2606
invalid data
wasm values
firefox
vulnerability
arbitrary integers
pointer values
spidermonkey
javascript engine
ubuntu
snap
unix
Passing invalid data could have led to invalid wasm values being created,
such as arbitrary integers turning into pointer values. This vulnerability
affects Firefox < 124.
Notes
| Author | Note |
|---|---|
| tyhicks | mozjs contains a copy of the SpiderMonkey JavaScript engine |
| mdeslaur | starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snap |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | firefox | < 124.0+build1-0ubuntu0.20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs102 | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | mozjs102 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | mozjs38 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | mozjs52 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | mozjs52 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | mozjs68 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs78 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs91 | < any | UNKNOWN |
References
Related
vulnrichment
vulnrichment
CVE-2024-2606
2024-03-19 12:02:52
nvd
nvd
CVE-2024-2606
2024-03-19 12:15:08
cve
cve
CVE-2024-2606
2024-03-19 12:15:08
cnvd
cnvd
Mozilla Firefox Security Bypass Vulnerability (CNVD-2024-14982)
2024-03-21 00:00:00
debiancve
debiancve
CVE-2024-2606
2024-03-19 12:15:08
cvelist
cvelist
CVE-2024-2606
2024-03-19 12:02:52
veracode
veracode
Improper Input Validation
2024-03-25 01:33:05
openvas
openvas
Mozilla Firefox Security Update (mfsa_2024-12) - Mac OS X
2024-03-25 00:00:00
Mozilla Firefox Security Update (mfsa_2024-12) - Windows
2024-03-25 00:00:00
Ubuntu: Security Advisory (USN-6703-1)
2024-03-21 00:00:00
osv
osv
firefox vulnerabilities
2024-03-20 05:48:06
MozillaFirefox-124.0.1-1.1 on GA media
2024-06-15 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6703-1)
2024-03-20 00:00:00
Mozilla Firefox < 124.0
2024-03-19 00:00:00
Fedora 40 : firefox (2024-cd3a64f43b)
2024-04-29 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2024-03-20 00:00:00
kaspersky
kaspersky
KLA65224 Multiple vulnerabilities in Mozilla Firefox
2024-03-19 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 124 — Mozilla
2024-03-19 00:00:00