Lucene search
Ubuntu.comUB:CVE-2024-6615HistoryJul 10, 2024 - 12:00 a.m.
CVE-2024-6615
2024-07-1000:00:00
ubuntu.com
ubuntu.com
6
memory safety bugs
firefox 127
memory corruption
arbitrary code execution
vulnerability
firefox < 128
Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of
these bugs showed evidence of memory corruption and we presume that with
enough effort some of these could have been exploited to run arbitrary
code. This vulnerability affects Firefox < 128 and Thunderbird < 128.
Notes
| Author | Note |
|---|---|
| tyhicks | mozjs contains a copy of the SpiderMonkey JavaScript engine |
| mdeslaur | starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snap starting with Ubuntu 24.04, the thunderbird package is just a script that installs the Thunderbird snap |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | firefox | < 128.0+build2-0ubuntu0.20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs102 | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | mozjs102 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | mozjs38 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | mozjs52 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | mozjs52 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | mozjs68 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs78 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | mozjs91 | < any | UNKNOWN |
References
bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364
launchpad.net/bugs/cve/CVE-2024-6615
nvd.nist.gov/vuln/detail/CVE-2024-6615
security-tracker.debian.org/tracker/CVE-2024-6615
ubuntu.com/security/notices/USN-6890-1
www.cve.org/CVERecord?id=CVE-2024-6615
www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6615
www.mozilla.org/security/advisories/mfsa2024-29/
Related
nvd
nvd
CVE-2024-6615
2024-07-09 15:15:13
cvelist
cvelist
CVE-2024-6615
2024-07-09 14:26:01
alpinelinux
alpinelinux
CVE-2024-6615
2024-07-09 15:15:13
debiancve
debiancve
CVE-2024-6615
2024-07-09 15:15:13
osv
osv
CVE-2024-6615
2024-07-10 00:00:00
CGA-2mr4-gxmv-gm4p
2024-07-15 21:50:56
firefox vulnerabilities
2024-07-10 05:51:27
vulnrichment
vulnrichment
CVE-2024-6615
2024-07-09 14:26:01
cve
cve
CVE-2024-6615
2024-07-09 15:15:13
wolfi
wolfi
CVE-2024-6615 vulnerabilities
2024-09-18 21:11:55
ubuntu
ubuntu
Firefox vulnerabilities
2024-07-10 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6890-1)
2024-07-10 00:00:00
Mozilla Thunderbird < 128.0
2024-07-16 00:00:00
Mozilla Thunderbird < 128.0
2024-07-16 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2024-29) - Linux
2024-07-10 00:00:00
Ubuntu: Security Advisory (USN-6890-1)
2024-07-10 00:00:00
Mozilla Firefox Security Update (mfsa_2024-29) - Windows
2024-07-11 00:00:00
kaspersky
kaspersky
KLA70478 Multiple vulnerabilities in Mozilla Thunderbird
2024-07-11 00:00:00
KLA70406 Multiple vulnerabilities in Mozilla Firefox
2024-07-09 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 128 — Mozilla
2024-07-11 00:00:00
Security Vulnerabilities fixed in Firefox 128 — Mozilla
2024-07-09 00:00:00