Wind River Support Network

HomeDefectsLIN1023-4301
Not to be fixed

LIN1023-4301 : Security Advisory - firefox - CVE-2024-2608

Created: Mar 19, 2024    Updated: Mar 25, 2024
Resolved Date: Mar 24, 2024
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace

Description

`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

CREATE(Triage):(User=admin) CVE-2024-2608 (https://nvd.nist.gov/vuln/detail/CVE-2024-2608)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube