PT-2024-1354 · Mozilla+10 · Thunderbird+12

Renan Rios

·

Published

2024-01-23

·

Updated

2025-03-21

·

CVE-2024-0741

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 122 Firefox ESR versions prior to 115.7 Thunderbird versions prior to 115.7 ANGLE (affected versions not specified)
Description The issue is related to an out of bounds write in the ANGLE library, which could allow a remote attacker to corrupt memory, leading to a potentially exploitable crash. This may result in a denial of service.
Recommendations For Firefox versions prior to 122, update to version 122 or later. For Firefox ESR versions prior to 115.7, update to version 115.7 or later. For Thunderbird versions prior to 115.7, update to version 115.7 or later. As a temporary workaround, consider restricting the use of the ANGLE library until a patch is available.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2024:0602
ALSA-2024:0603
ALSA-2024:0608
ALSA-2024:0609
ALT-PU-2024-1368
ALT-PU-2024-13898
ALT-PU-2024-1580
ALT-PU-2024-15839
ALT-PU-2024-1783
ALT-PU-2024-1788
ALT-PU-2024-1792
ALT-PU-2024-3614
ALT-PU-2024-3860
ALT-PU-2024-4278
ALT-PU-2024-4748
BDU:2024-00808
CESA-2024_0600
CESA-2024_0608
CESA-2024_0609
CVE-2024-0741
DLA-3720-1
DLA-3727-1
DSA-5605-1
DSA-5606-1
MGASA-2024-0023
MGASA-2024-0024
OESA-2025-1322
OESA-2025-1323
OPENSUSE-SU-2024:13617-1
OPENSUSE-SU-2024:13626-1
OPENSUSE-SU-2024:14572-1
OPENSUSE-SU-2024_0229-1
RHSA-2024:0559
RHSA-2024:0565
RHSA-2024:0596
RHSA-2024:0598
RHSA-2024:0600
RHSA-2024:0601
RHSA-2024:0602
RHSA-2024:0603
RHSA-2024:0604
RHSA-2024:0605
RHSA-2024:0608
RHSA-2024:0609
RHSA-2024:0615
RHSA-2024:0616
RHSA-2024:0618
RHSA-2024:0619
RHSA-2024:0622
RHSA-2024:0623
RHSA-2024_0600
RHSA-2024_0601
RHSA-2024_0602
RHSA-2024_0603
RHSA-2024_0608
RHSA-2024_0609
RLSA-2024:0608
RLSA-2024:0609
SUSE-SU-2024:0211-1
SUSE-SU-2024:0228-1
SUSE-SU-2024:0229-1
SUSE-SU-2024:0242-1
SUSE-SU-2024_0211-1
SUSE-SU-2024_0228-1
SUSE-SU-2024_0229-1
SUSE-SU-2024_0242-1
USN-6610-1
USN-6610-2
USN-6669-1

Affected Products

Alt Linux
Angle
Almalinux
Astra Linux
Centos
Firefox
Firefox Esr
Linuxmint
Red Hat
Red Os
Suse
Thunderbird
Ubuntu