CVE-2024-4764

9.8 CRITICAL

📋 TL;DR

A use-after-free vulnerability in Firefox's WebRTC audio input handling allows multiple threads to claim the same audio connection, potentially leading to memory corruption. This affects Firefox versions before 126 and could allow remote code execution. Users running vulnerable Firefox versions are at risk when visiting malicious websites.

💻 Affected Systems

Products:
  • Mozilla Firefox
Versions: All versions < 126
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all Firefox installations with WebRTC enabled (default).

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with full system compromise, allowing attackers to install malware, steal data, or create persistent backdoors.

🟠 Likely Case

Browser crash leading to denial of service, with potential for limited code execution in browser context.

🟢 If Mitigated

Browser crash with no data loss if sandboxing works properly, requiring user to restart browser.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user to visit malicious website, but no authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox 126

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2024-21/

Restart Required: Yes

Instructions:

1. Open Firefox.
2. Click menu → Help → About Firefox.
3. Firefox will check for updates and install Firefox 126.
4. Restart Firefox when prompted.

🔧 Temporary Workarounds

Disable WebRTC

Platforms: all

Disables WebRTC functionality, which prevents exploitation but breaks in-browser audio/video calls.

about:config → media.peerconnection.enabled → false

🧯 If You Can't Patch

  • Use alternative browser until Firefox can be updated
  • Implement network filtering to block suspicious websites

🔍 How to Verify

Check if Vulnerable:

Check Firefox version: about:support → Application Basics → Version. If version < 126, vulnerable.

Check Version:

firefox --version

Verify Fix Applied:

Verify Firefox version is 126 or higher after update.
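The version check above, scripted as an added example (not part of the advisory): it parses the output of `firefox --version`, compares the major version against the fixed release (126), and treats unparseable output as vulnerable so the check fails closed. The sample version string inside is constructed.

```shell
#!/bin/sh
# Added example: gate on the Firefox major version from "firefox --version".
FIXED_MAJOR=126

# Extract the major version from strings such as
# "Mozilla Firefox 125.0.3" or "Mozilla Firefox 126.0esr".
firefox_major_version() {
    printf '%s\n' "$1" | sed -n 's/.*Firefox \([0-9][0-9]*\).*/\1/p'
}

# Return 0 (true) when the version string belongs to a vulnerable release.
# Unparseable input is treated as vulnerable so the check fails closed.
firefox_is_vulnerable() {
    major=$(firefox_major_version "$1")
    [ -n "$major" ] || return 0
    [ "$major" -lt "$FIXED_MAJOR" ]
}

# Check the installed binary; falls back to a constructed sample string
# when firefox is not on PATH so the script still runs on any host.
check_installed_firefox() {
    if command -v firefox >/dev/null 2>&1; then
        ver=$(firefox --version 2>/dev/null)
    else
        ver="Mozilla Firefox 125.0.3"   # constructed sample, firefox not found
    fi
    if firefox_is_vulnerable "$ver"; then
        echo "VULNERABLE: $ver (fixed in Firefox $FIXED_MAJOR)"
        return 1
    fi
    echo "OK: $ver"
}

# Usage: sh check_firefox.sh --check
if [ "${1:-}" = "--check" ]; then
    check_installed_firefox
fi
```

The script exits non-zero when the installed build is older than 126, so it can be dropped into an inventory or compliance job as-is.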

📡 Detection & Monitoring

Log Indicators:

  • Firefox crash reports with WebRTC-related stack traces
  • Unexpected browser process termination

Network Indicators:

  • Multiple WebRTC connection attempts to same audio device
  • Suspicious website visits triggering audio device access

SIEM Query:

source="firefox.logs" AND ("WebRTC" OR "audio input" OR "use-after-free") AND severity=CRITICAL

🔗 References
