CVE-2024-29943

Related Files

Ubuntu Security Notice USN-6710-2

Posted Apr 4, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6710-2 - USN-6710-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, ubuntu

advisories | CVE-2024-29943, CVE-2024-29944

SHA-256 | 10451fa33f7fbd875188c19a379b2973058dd79a55dd446fd39ec8ac1da5fdd6

Download | Favorite | View

Ubuntu Security Notice USN-6710-1

Posted Mar 25, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6710-1 - Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2024-29943, CVE-2024-29944

SHA-256 | cda91a51f7eccf5cc349e1e3b85719bd26d54ad0308e44c693aedf48562d1b72

Download | Favorite | View