CVE-2024-5695: Critical severity firefox vulnerability
Published Jun 11, 2024
·Updated
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred.
Affected Software
3 affected componentsFixes available
debian/firefox
131.0.3-1
Mozilla Firefox<127
127
Mozilla Firefox<127.0
Event History
Jun 11, 2024
CVE Published
via Mozilla·12:00 AM
CVE Published
via MITRE·12:40 PM
Data Sourced
via MITRE·12:40 PM
DescriptionWeakness
Jul 3, 2024
Data Sourced
via Launchpad·08:12 AM
Description
Sep 17, 2024
Data Sourced
via Ubuntu·08:20 AM
RemedyDescriptionSeverityAffected Software
Peer vulnerabilities
Found alongside the following vulnerabilities.
Frequently Asked Questions
1
What is the severity of CVE-2024-5695?
CVE-2024-5695 has a high severity due to potential memory corruption risks.
2
How do I fix CVE-2024-5695?
To mitigate CVE-2024-5695, update to Firefox version 131.0.3-1 or later.
3
Which versions of Firefox are affected by CVE-2024-5695?
CVE-2024-5695 affects versions of Firefox prior to 127.
4
What are the consequences of CVE-2024-5695 if exploited?
Exploitation of CVE-2024-5695 can lead to unexpected application behavior and possible data corruption.
5
Is there any workaround for CVE-2024-5695 until I can update?
Currently, there are no effective workarounds for CVE-2024-5695; updating Firefox is recommended.