Vulnerability CVE-2024-4777: Information

Description

Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

Published: May 14, 2024
Modified: May 14, 2024

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus126.0-alt1126.0-alt2ALT-PU-2024-7772-2347340Fixed
firefoxsisyphus_riscv64126.0-alt0.port126.0-alt0.portALT-PU-2024-8054-1-Fixed
firefoxsisyphus_loongarch64126.0-alt1.0.port126.0-alt1.0.portALT-PU-2024-7895-1-Fixed
firefoxp11126.0-alt1126.0-alt2ALT-PU-2024-7772-2347340Fixed
firefox-esrsisyphus115.11.0-alt1115.11.0-alt1ALT-PU-2024-7980-2347636Fixed
firefox-esrsisyphus_loongarch64115.11.0-alt1115.11.0-alt1ALT-PU-2024-8114-1-Fixed
firefox-esrp10115.11.0-alt1115.11.0-alt1ALT-PU-2024-7982-3348463Fixed
firefox-esrp11115.11.0-alt1115.11.0-alt1ALT-PU-2024-7980-2347636Fixed

References to Advisories, Solutions, and Tools