PT-2024-7152 · Mozilla+4 · Firefox+4

Atte Kettunen

·

Published

2024-10-14

·

Updated

2025-11-19

·

CVE-2024-9936

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 131.0.3
Description The issue is related to the manipulation of the selection node cache, which may cause unexpected behavior and potentially lead to an exploitable crash. This could allow a remote attacker to cause a denial of service. The vulnerability is associated with incorrect clearance or release of resources in the Selection Node Cache component of Mozilla Firefox.
Recommendations For versions prior to 131.0.3, upgrade Firefox to version 131.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious websites to minimize the risk of exploitation.

Fix

Improper Resource Release

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-362

Related Identifiers

ALT-PU-2024-15089
ALT-PU-2024-15839
ALT-PU-2025-11100
ALT-PU-2025-14599
BDU:2024-08484
CVE-2024-9936
OPENSUSE-SU-2024:14415-1
USN-7078-1

Affected Products

Alt Linux
Astra Linux
Firefox
Linuxmint
Ubuntu