Lucene search
Ubuntu.comUB:CVE-2024-4778HistoryMay 14, 2024 - 12:00 a.m.
CVE-2024-4778
2024-05-1400:00:00
ubuntu.com
ubuntu.com
7
memory safety bugs
firefox 125
remote code execution
vulnerability
mozilla
thunderbird
ubuntu 22.04
ubuntu 24.04
Memory safety bugs present in Firefox 125. Some of these bugs showed
evidence of memory corruption and we presume that with enough effort some
of these could have been exploited to run arbitrary code. This
vulnerability affects Firefox < 126.
Notes
| Author | Note |
|---|---|
| tyhicks | mozjs contains a copy of the SpiderMonkey JavaScript engine |
| mdeslaur | starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snap starting with Ubuntu 24.04, the thunderbird package is just a script that installs the Thunderbird snap |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | firefox | < 126.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs102 | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | mozjs102 | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | mozjs102 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | mozjs38 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | mozjs52 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | mozjs52 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | mozjs68 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs78 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs91 | < any | UNKNOWN |
References
bugzilla.mozilla.org/buglist.cgi?bug_id=1838834%2C1889291%2C1889595%2C1890204%2C1891545
launchpad.net/bugs/cve/CVE-2024-4778
nvd.nist.gov/vuln/detail/CVE-2024-4778
security-tracker.debian.org/tracker/CVE-2024-4778
ubuntu.com/security/notices/USN-6779-1
www.cve.org/CVERecord?id=CVE-2024-4778
www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4778
www.mozilla.org/security/advisories/mfsa2024-21/
Related
debiancve
debiancve
CVE-2024-4778
2024-05-14 18:15:16
nvd
nvd
CVE-2024-4778
2024-05-14 18:15:16
cvelist
cvelist
CVE-2024-4778
2024-05-14 17:21:27
vulnrichment
vulnrichment
CVE-2024-4778
2024-05-14 17:21:27
cve
cve
CVE-2024-4778
2024-05-14 18:15:16
osv
osv
firefox vulnerabilities
2024-05-21 05:46:27
firefox regressions
2024-05-29 04:25:29
openvas
openvas
Mozilla Firefox Security Update (mfsa_2024-21) - Mac OS X
2024-05-17 00:00:00
Mozilla Firefox Security Advisory (MFSA2024-21) - Linux
2024-05-15 00:00:00
Mozilla Firefox Security Update (mfsa_2024-21) - Windows
2024-05-17 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Firefox regressions (USN-6779-2)
2024-05-29 00:00:00
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6779-1)
2024-05-21 00:00:00
Fedora 39 : firefox (2024-a2c6c8afa9)
2024-05-17 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2024-05-21 00:00:00
Firefox regressions
2024-05-29 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 126 — Mozilla
2024-05-14 00:00:00
kaspersky
kaspersky
KLA67588 Multiple vulnerabilities in Mozilla Firefox
2024-05-14 00:00:00