CVE-2024-8384

The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bugzilla.mozilla.org/show_bug.cgi?id=1911288	Issue Tracking Permissions Required
https://www.mozilla.org/security/advisories/mfsa2024-39/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2024-40/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2024-41/	Vendor Advisory
https://www.mozilla.org/security/advisories/mfsa2024-43/
https://www.mozilla.org/security/advisories/mfsa2024-44/
https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html
https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::
	cpe:2.3:a:mozilla:firefox_esr::::::::

History

No history.

Information

Published : 2024-09-03 13:15

Updated : 2025-11-04 17:16

NVD link : CVE-2024-8384

Mitre link : CVE-2024-8384

CVE.ORG link : CVE-2024-8384

JSON object : View

Products Affected

mozilla

firefox
firefox_esr

CWE

CWE-787

Out-of-bounds Write

CWE-416

Use After Free

{"id": "CVE-2024-8384", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-09-03T13:15:05.743", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1911288", "tags": ["Issue Tracking", "Permissions Required"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-39/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-40/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-41/", "tags": ["Vendor Advisory"], "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-43/", "source": "security@mozilla.org"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-44/", "source": "security@mozilla.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00012.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00025.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, Firefox ESR < 115.15, Thunderbird < 128.2, and Thunderbird < 115.15."}, {"lang": "es", "value": "El recolector de elementos no utilizados de JavaScript podr\u00eda colorear incorrectamente los objetos entre compartimentos si se detectaran condiciones de OOM en el punto correcto entre dos pasadas. Esto podr\u00eda haber provocado una corrupci\u00f3n de la memoria. Esta vulnerabilidad afecta a Firefox < 130, Firefox ESR < 128.2 y Firefox ESR < 115.15."}], "lastModified": "2025-11-04T17:16:17.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87E41A09-924E-494F-BDF3-8C17EF330178", "versionEndExcluding": "130.0"}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1208DB6D-68A1-41C1-9C57-7C1C16F32229", "versionEndExcluding": "115.15"}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D8B478B-4E42-4B63-B62E-D788C298047D", "versionEndExcluding": "128.2", "versionStartIncluding": "128.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@mozilla.org"}