CVE-2024-8387

9.8 CRITICAL

📋 TL;DR

This CVE covers a set of memory safety bugs in Firefox, Firefox ESR, and Thunderbird, fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Mozilla reports that some of these bugs showed evidence of memory corruption and presumes that, with enough effort, some of them could be exploited to run arbitrary code. Exploitation requires the victim to process attacker-controlled content, typically a malicious web page, so every user of a vulnerable version who browses untrusted sites is exposed.

💻 Affected Systems

Products:
  • Firefox
  • Firefox ESR
  • Thunderbird
Versions: Firefox < 130, Firefox ESR < 128.2, Thunderbird < 128.2
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All standard installations of affected versions are vulnerable.

📦 What is this software?

Firefox is Mozilla's web browser. Firefox ESR is its Extended Support Release, which tracks a fixed major version and receives security fixes on a slower feature cadence for enterprise and distribution use. Thunderbird is Mozilla's email and calendar client. All three are built on the same Gecko engine, which is why one set of memory safety bugs affects all of them.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Application crashes (denial of service) with potential for limited code execution in targeted attacks.

🟢

If Mitigated

Application crashes without code execution if exploit attempts fail or security controls block them.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

Memory corruption bugs in a modern browser require sophisticated exploitation (the content process sandbox must also be escaped for full compromise), but they are routinely chained with other vulnerabilities in targeted attacks. For Thunderbird, Mozilla's standing caveat applies: scripting is disabled when reading mail, so these flaws are generally not exploitable through email content, but they remain a risk in browser-like contexts such as RSS feeds or opened web links.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox 130, Firefox ESR 128.2, Thunderbird 128.2

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2024-39/

Restart Required: Yes

Instructions:

1. Open the application.
2. Click the menu button (three horizontal lines).
3. Select Help > About Firefox (or Help > About Thunderbird).
4. The application checks for updates and installs them automatically.
5. Restart the application when prompted.

On Linux distributions that ship Firefox or Thunderbird as system packages, the About dialog does not update the browser; install the fixed package through the distribution's package manager instead. In managed environments, the update may be pushed by enterprise policy or the Firefox/Thunderbird MSI packages rather than the in-app updater.

🔧 Temporary Workarounds

Disable JavaScript

Platforms: all

Temporarily disable JavaScript to reduce the attack surface while waiting for the patch. This breaks most modern websites and does not remove the risk entirely: memory safety bugs in non-script components (image, font, and media parsers) remain reachable from untrusted content. Thunderbird already disables scripting when rendering mail.

about:config -> javascript.enabled = false

🧯 If You Can't Patch

  • Restrict which sites the vulnerable browser can reach (an egress proxy or web gateway with an allowlist) rather than blocking its network access outright, and avoid using it for untrusted browsing
  • Keep the built-in content process sandbox enabled and add OS-level confinement (for example a Flatpak, Snap, AppArmor or SELinux profile) so a successful exploit has less to reach
  • In Thunderbird, keep remote content and JavaScript disabled for mail (the defaults) and do not open untrusted links in the client

🔍 How to Verify

Check if Vulnerable:

Check the application version in Help > About Firefox or Help > About Thunderbird (about:support also shows it). Note the channel: an ESR build shows an "esr" suffix, for example 128.1.0esr, and the fixed version differs per channel.

Check Version:

firefox --version or thunderbird --version

On Windows the same switch works from a command prompt, but the output only appears when piped, for example: firefox.exe -v | more

Verify Fix Applied:

Verify the version is Firefox ≥ 130, Firefox ESR ≥ 128.2 (shown as 128.2.0esr), or Thunderbird ≥ 128.2. A release-channel Firefox 128.x or 129.x is still vulnerable even though its major version is above 128.
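The version comparison above is easy to get wrong at scale because the threshold depends on the channel (release versus ESR). The following is an added example, not part of the original page or of Mozilla's tooling: it parses the one-line output of `firefox --version` / `thunderbird --version`, uses the "esr" suffix to pick the right fixed version from this page's Affected Systems section, and can be pointed at the installed binaries. The binary names `firefox`, `firefox-esr` and `thunderbird` in `check_installed` are assumptions about what is on PATH.

```python
import re
import shutil
import subprocess

# Minimum fixed versions per channel, taken from the page's Affected Systems
# section: Firefox 130, Firefox ESR 128.2, Thunderbird 128.2.
FIXED = {
    "firefox": (130, 0, 0),
    "firefox-esr": (128, 2, 0),
    "thunderbird": (128, 2, 0),
}

# Matches the single line printed by `firefox --version` / `thunderbird --version`,
# e.g. "Mozilla Firefox 128.1.0esr" or "Mozilla Thunderbird 128.1.1".
VERSION_RE = re.compile(
    r"^(?:Mozilla\s+)?(?P<product>Firefox|Thunderbird)\s+"
    r"(?P<ver>\d+(?:\.\d+)*)(?P<esr>esr)?\s*$",
    re.IGNORECASE,
)


def parse_version_line(line):
    """Return (channel, (major, minor, patch)) for a --version line.

    The "esr" suffix is what separates the two Firefox channels, and that
    matters: 128.2.0esr is fixed, but a release-channel 128.x or 129.x is not.
    A Firefox line without the suffix is treated as the release channel, which
    is the conservative choice if a packager stripped the suffix.
    """
    m = VERSION_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised version line: {line!r}")
    parts = tuple(int(p) for p in m.group("ver").split("."))
    parts = (parts + (0, 0, 0))[:3]  # pad "130.0" to (130, 0, 0)
    product = m.group("product").lower()
    channel = "firefox-esr" if (product == "firefox" and m.group("esr")) else product
    return channel, parts


def is_vulnerable(line):
    """True if the version in `line` is below the fixed version for its channel."""
    channel, ver = parse_version_line(line)
    return ver < FIXED[channel]


def check_installed(binary):
    """Run `<binary> --version` if the binary is on PATH.

    Returns (version_line, vulnerable) or None when the binary is not installed.
    The binary names are an assumption about the host; adjust for your packaging.
    """
    path = shutil.which(binary)
    if path is None:
        return None
    out = subprocess.run([path, "--version"], capture_output=True, text=True, check=True)
    line = out.stdout.strip().splitlines()[0]
    return line, is_vulnerable(line)


if __name__ == "__main__":
    for binary in ("firefox", "firefox-esr", "thunderbird"):
        result = check_installed(binary)
        if result is not None:
            status = "VULNERABLE" if result[1] else "patched"
            print(f"{binary}: {result[0]} -> {status}")
```

The script treats Thunderbird uniformly (the page gives a single 128.2 threshold), so a Thunderbird 115.x build is reported vulnerable as well.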

📡 Detection & Monitoring

Log Indicators:

  • Crash reports for Firefox or Thunderbird (listed in about:crashes and stored in the profile's Crash Reports directory)
  • Memory access violation errors in system logs: on Linux, kernel segfault lines for firefox, thunderbird or their content processes, typically faulting in libxul.so; on Windows, Application log Event ID 1000 with a faulting application of firefox.exe or thunderbird.exe
  • Repeated crashes at the same faulting address, or clustered around visits to one site, which fit failed exploit attempts better than ordinary instability

Network Indicators:

  • Unusual outbound connections from browser or mail-client processes shortly after a crash
  • Suspicious JavaScript payloads served to the browser, as seen in proxy or web-gateway logs

SIEM Query (illustrative Splunk-style search; Firefox writes no firefox.log, so the source and field names must be adapted to your OS log source):

index=os (process="firefox" OR process="thunderbird" OR process="Isolated Web Co") AND (message="*segfault*" OR event_id=1000)
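The log indicators above are easiest to act on once crash lines are parsed rather than eyeballed. This added example (not from the original page or from Mozilla) scans Linux kernel segfault messages, as written to syslog or journald, for Firefox and Thunderbird processes, decodes the page-fault error code to separate write faults from reads, and flags faulting addresses that recur across crashes. The sample log lines are constructed for the example, and the set of Mozilla process names is an assumption to be tuned per fleet.

```python
import re
from collections import Counter

# Constructed sample in Linux kernel "segfault" format (syslog/journald style).
# These are made-up lines for the example, not captured from a real incident.
SAMPLE_LOG = """\
Sep 03 10:12:01 ws01 kernel: Isolated Web Co[23411]: segfault at 0 ip 00007f3a1c2b4d10 sp 00007ffd2a1e3b20 error 4 in libxul.so[7f3a18e00000+7a00000]
Sep 03 10:12:44 ws01 kernel: Isolated Web Co[23519]: segfault at 4141414141414141 ip 00007f3a1c2b4d10 sp 00007ffd2a1e3b20 error 6 in libxul.so[7f3a18e00000+7a00000]
Sep 03 10:13:02 ws01 kernel: thunderbird[31002]: segfault at 10 ip 00007f88e2a61f3c sp 00007ffe0c3f1a40 error 4 in libxul.so[7f88de500000+7a00000]
Sep 03 10:13:05 ws01 kernel: usb 1-1: new high-speed USB device number 4 using xhci_hcd
Sep 03 10:14:00 ws01 kernel: gedit[4004]: segfault at 0 ip 00007f0012345678 sp 00007ffc00000000 error 4 in libglib-2.0.so.0[7f0012000000+90000]
"""

# Common x86-64 form of the kernel's segfault message; wording can vary slightly.
SEGFAULT_RE = re.compile(
    r"(?P<proc>[^:\[\]]+?)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>\d+)"
    r"(?: in (?P<mod>[^\[\s]+))?"
)

# Process names under which Firefox/Thunderbird show up on Linux. Content
# process names are truncated to 15 characters by the kernel (comm field).
# This set is an assumption for the example; tune it for your fleet.
MOZILLA_PROCS = {
    "firefox", "firefox-esr", "firefox-bin", "thunderbird", "thunderbird-bin",
    "Web Content", "Isolated Web Co", "plugin-container",
}


def parse_segfaults(text):
    """Extract every kernel segfault line into a dict of its fields."""
    findings = []
    for line in text.splitlines():
        m = SEGFAULT_RE.search(line)
        if not m:
            continue
        proc = m.group("proc").strip()
        err = int(m.group("err"))
        mod = m.group("mod") or ""
        findings.append({
            "proc": proc, "pid": int(m.group("pid")), "addr": m.group("addr"),
            "ip": m.group("ip"), "err": err, "mod": mod,
            # x86 page-fault error code: bit 1 set means the fault was a write,
            # which is more interesting for exploitation than a bad read.
            "write": bool(err & 2),
            # libxul.so is Gecko's main library, so a fault there is a Mozilla
            # crash even when the process name is not in the set above.
            "mozilla": proc in MOZILLA_PROCS or mod.startswith("libxul"),
        })
    return findings


def mozilla_crashes(text):
    """Only the segfaults attributable to Firefox/Thunderbird."""
    return [f for f in parse_segfaults(text) if f["mozilla"]]


def summarize(text):
    """Per-process counts, number of write faults, and faulting IPs seen twice
    or more (the same crash site recurring suggests a bug being re-triggered)."""
    crashes = mozilla_crashes(text)
    ips = Counter(f["ip"] for f in crashes)
    return {
        "by_process": Counter(f["proc"] for f in crashes),
        "write_faults": sum(f["write"] for f in crashes),
        "repeated_ips": sorted(ip for ip, n in ips.items() if n >= 2),
    }


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

On a live host, feed it real data with something like `journalctl -k --since -1h` piped into `summarize(sys.stdin.read())`; the unrelated usb and gedit lines in the sample show that non-Mozilla crashes are dropped rather than counted.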
