Bug 2296638 (CVE-2024-6603) - CVE-2024-6603 Mozilla: Memory corruption in thread creation
Summary: CVE-2024-6603 Mozilla: Memory corruption in thread creation
Keywords:
Status: NEW
Alias: CVE-2024-6603
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2295963
TreeView+ depends on / blocked
 
Reported: 2024-07-09 15:21 UTC by OSIDB Bzimport
Modified: 2024-07-29 01:11 UTC (History)
5 users (show)

Fixed In Version: firefox 115.13, thunderbird 115.13
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:4500 0 None None None 2024-07-11 11:56:31 UTC
Red Hat Product Errata RHSA-2024:4501 0 None None None 2024-07-11 11:41:47 UTC
Red Hat Product Errata RHSA-2024:4508 0 None None None 2024-07-11 13:51:14 UTC
Red Hat Product Errata RHSA-2024:4517 0 None None None 2024-07-11 15:16:30 UTC
Red Hat Product Errata RHSA-2024:4586 0 None None None 2024-07-17 04:21:47 UTC
Red Hat Product Errata RHSA-2024:4590 0 None None None 2024-07-17 12:11:46 UTC
Red Hat Product Errata RHSA-2024:4610 0 None None None 2024-07-18 11:23:01 UTC
Red Hat Product Errata RHSA-2024:4624 0 None None None 2024-07-18 14:13:04 UTC
Red Hat Product Errata RHSA-2024:4625 0 None None None 2024-07-18 13:41:14 UTC
Red Hat Product Errata RHSA-2024:4634 0 None None None 2024-07-18 15:39:25 UTC
Red Hat Product Errata RHSA-2024:4635 0 None None None 2024-07-18 15:48:34 UTC
Red Hat Product Errata RHSA-2024:4670 0 None None None 2024-07-22 01:24:28 UTC
Red Hat Product Errata RHSA-2024:4671 0 None None None 2024-07-22 01:19:56 UTC
Red Hat Product Errata RHSA-2024:4673 0 None None None 2024-07-22 01:22:38 UTC
Red Hat Product Errata RHSA-2024:4717 0 None None None 2024-07-23 08:23:46 UTC
Red Hat Product Errata RHSA-2024:4718 0 None None None 2024-07-23 08:38:26 UTC
Red Hat Product Errata RHSA-2024:4894 0 None None None 2024-07-29 01:11:44 UTC

Description OSIDB Bzimport 2024-07-09 15:21:22 UTC 
In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13.
Comment 12 errata-xmlrpc 2024-07-11 11:41:45 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2024:4501 https://access.redhat.com/errata/RHSA-2024:4501
Comment 13 errata-xmlrpc 2024-07-11 11:56:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:4500 https://access.redhat.com/errata/RHSA-2024:4500
Comment 14 errata-xmlrpc 2024-07-11 13:51:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2024:4508 https://access.redhat.com/errata/RHSA-2024:4508
Comment 15 errata-xmlrpc 2024-07-11 15:16:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:4517 https://access.redhat.com/errata/RHSA-2024:4517
Comment 26 errata-xmlrpc 2024-07-17 04:21:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2024:4586 https://access.redhat.com/errata/RHSA-2024:4586
Comment 27 errata-xmlrpc 2024-07-17 12:11:45 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:4590 https://access.redhat.com/errata/RHSA-2024:4590
Comment 28 errata-xmlrpc 2024-07-18 11:23:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2024:4610 https://access.redhat.com/errata/RHSA-2024:4610
Comment 29 errata-xmlrpc 2024-07-18 13:41:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2024:4625 https://access.redhat.com/errata/RHSA-2024:4625
Comment 30 errata-xmlrpc 2024-07-18 14:13:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:4624 https://access.redhat.com/errata/RHSA-2024:4624
Comment 31 errata-xmlrpc 2024-07-18 15:39:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2024:4634 https://access.redhat.com/errata/RHSA-2024:4634
Comment 32 errata-xmlrpc 2024-07-18 15:48:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:4635 https://access.redhat.com/errata/RHSA-2024:4635
Comment 33 errata-xmlrpc 2024-07-22 01:19:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2024:4671 https://access.redhat.com/errata/RHSA-2024:4671
Comment 34 errata-xmlrpc 2024-07-22 01:22:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:4673 https://access.redhat.com/errata/RHSA-2024:4673
Comment 35 errata-xmlrpc 2024-07-22 01:24:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:4670 https://access.redhat.com/errata/RHSA-2024:4670
Comment 36 errata-xmlrpc 2024-07-23 08:23:45 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2024:4717 https://access.redhat.com/errata/RHSA-2024:4717
Comment 37 errata-xmlrpc 2024-07-23 08:38:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:4718 https://access.redhat.com/errata/RHSA-2024:4718
Comment 38 errata-xmlrpc 2024-07-29 01:11:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2024:4894 https://access.redhat.com/errata/RHSA-2024:4894
Note You need to log in before you can comment on or make changes to this bug.