CVE-2024-2616

Summary

To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to crash instead of attempt to continue. This vulnerability affects Firefox ESR < 115.9 and Thunderbird < 115.9.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox ESRunspecified < 115.9affected
MozillaThunderbirdunspecified < 115.9affected

Weaknesses

  • Improve handling of out-of-memory conditions in ICU

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References