CVE-2024-2613

Summary

Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 124affected

Weaknesses

  • Improper handling of QUIC ACK frame data could have led to OOM

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References