CVE-2024-3858

Summary

It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox < 125.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 125affected

Weaknesses

  • Corrupt pointer dereference in js::CheckTracedThing

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References