CVE-2024-6609

Summary

When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 128affected
MozillaThunderbirdunspecified < 128affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References