Firefox zero day vulnerability

For discussions about security.
Post Reply
d-pupp
Posts: 331
Joined: Tue Nov 22, 2022 9:11 pm
Location: Canada
Has thanked: 187 times
Been thanked: 52 times

Firefox zero day vulnerability

Post by d-pupp »

Firefox zero day vulnerability

Security Vulnerability fixed in Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1

Announced
October 9, 2024
Impact
critical
Products
Firefox, Firefox ESR
Fixed in

Firefox 131.0.2
Firefox ESR 115.16.1
Firefox ESR 128.3.1

#CVE-2024-9680: Use-after-free in Animation timeline

Reporter
Damien Schaeffer from ESET
Impact
critical

Description

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild.
References

Bug 1923344

Top
d-pupp
Posts: 331
Joined: Tue Nov 22, 2022 9:11 pm
Location: Canada
Has thanked: 187 times
Been thanked: 52 times

Re: Firefox zero day vulnerability

Post by d-pupp »

For anyone interested Firefox has patched this vulnerability and it is now available via apt.
The patched version is 128.3.1esr

Top
Post Reply

Return to “Security”