CVE-2024-6604

7.5 HIGH

📋 TL;DR

This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could potentially exploit these vulnerabilities to execute arbitrary code on affected systems. All users running vulnerable versions of Firefox (<128, ESR <115.13) or Thunderbird (<115.13, <128) are at risk.

💻 Affected Systems

Products:
  • Mozilla Firefox
  • Mozilla Firefox ESR
  • Mozilla Thunderbird
Versions: Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, Thunderbird < 128
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard installations of affected versions are vulnerable. No special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution allowing attackers to take complete control of the affected system, install malware, steal data, or pivot to other systems.

🟠 Likely Case: Browser/application crashes (denial of service) or limited memory corruption leading to information disclosure.

🟢 If Mitigated: No impact if systems are patched or if exploit attempts are blocked by security controls like application allowlisting or network filtering.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

Memory corruption vulnerabilities typically require sophisticated exploitation techniques. No public exploits have been reported, but Mozilla presumes some could be exploited with enough effort.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, Thunderbird 128

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2024-29/

Restart Required: Yes

Instructions:

1. Open Firefox/Thunderbird.
2. Click menu → Help → About Firefox/Thunderbird.
3. Allow automatic update to complete.
4. Restart the application when prompted.

🔧 Temporary Workarounds

Disable JavaScript

Platform: all

Temporarily reduces attack surface by disabling JavaScript execution, though this breaks most web functionality.

about:config → javascript.enabled = false

🧯 If You Can't Patch

  • Restrict network access to vulnerable browsers using firewall rules or proxy policies.
  • Implement application control to prevent execution of unauthorized processes from browser contexts.

🔍 How to Verify

Check if Vulnerable:

Check browser version: Firefox → Help → About Firefox; Thunderbird → Help → About Thunderbird.

Check Version:

firefox --version; thunderbird --version

Verify Fix Applied:

Confirm version is Firefox ≥128, Firefox ESR ≥115.13, or Thunderbird ≥115.13/128.
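
The version check above can be scripted for fleet use. The following is an added example, not part of the vendor advisory: the function name `classify_version` is hypothetical, the sample `--version` lines are constructed, and any 115.x build is assumed to belong to the ESR/115 branch.

```shell
#!/bin/sh
# Added example: classify `--version` output against the fixed versions
# listed on this page (128, or 115.13 on the 115 branch).

# Print "fixed", "vulnerable" or "unknown" for one line of --version output.
classify_version() {
    # First dotted number in the line, e.g. "115.12.0" from "... 115.12.0esr".
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*/\1/p')
    if [ -z "$ver" ]; then
        echo unknown
        return 0
    fi

    major=${ver%%.*}
    rest=${ver#*.}
    if [ "$rest" = "$ver" ]; then
        minor=0              # no dot at all, e.g. "128"
    else
        minor=${rest%%.*}
    fi

    if [ "$major" -ge 128 ]; then
        echo fixed
    elif [ "$major" -eq 115 ] && [ "$minor" -ge 13 ]; then
        echo fixed           # assumption: 115.x is the ESR/115 branch
    else
        echo vulnerable      # includes 116-127 and 115.0-115.12
    fi
}

# Constructed sample lines; on a live host use:
#   classify_version "$(firefox --version)"
for line in \
    "Mozilla Firefox 127.0.2" \
    "Mozilla Firefox 128.0" \
    "Mozilla Firefox 115.12.0esr" \
    "Mozilla Firefox 115.13.0esr" \
    "Mozilla Thunderbird 115.12.2"
do
    printf '%-32s %s\n' "$line" "$(classify_version "$line")"
done
```

An "unknown" result means no version number could be parsed, so the host should be checked manually rather than treated as patched.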

📡 Detection & Monitoring

Log Indicators:

  • Unexpected browser crashes
  • Memory access violation events in system logs
  • Suspicious child processes spawned from browser

Network Indicators:

  • Unusual outbound connections from browser processes
  • Traffic to known exploit hosting domains

SIEM Query:

(process_name:firefox.exe OR process_name:thunderbird.exe) AND (event_id:1000 OR event_id:1001)
