CVE-2024-10468: Race Condition

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1914982
• https://www.mozilla.org/security/advisories/mfsa2024-55/
• https://www.mozilla.org/security/advisories/mfsa2024-59/
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-59/
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10468
• https://nvd.nist.gov/vuln/detail/CVE-2024-10468
• https://launchpad.net/bugs/cve/CVE-2024-10468
• https://security-tracker.debian.org/tracker/CVE-2024-10468
• https://ubuntu.com/security/CVE-2024-10468
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10468

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2024-59
• MFSA2024-55

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2024-10458
• CVE-2024-10459
• CVE-2024-10460
• CVE-2024-10461
• CVE-2024-10462
• CVE-2024-10463
• CVE-2024-10468
• CVE-2024-10464
• CVE-2024-10465
• CVE-2024-10466
• CVE-2024-10467

Frequently Asked Questions

• What is the severity of CVE-2024-10468?

  CVE-2024-10468 has a medium severity due to potential memory corruption leading to crashes.

• How do I fix CVE-2024-10468?

  To fix CVE-2024-10468, update Mozilla Thunderbird or Firefox to version 132.0.1 or later.

• What are the affected software versions for CVE-2024-10468?

  CVE-2024-10468 affects Mozilla Thunderbird and Firefox versions prior to 132.0.1.

• What type of vulnerability is CVE-2024-10468?

  CVE-2024-10468 is a potential race condition vulnerability in IndexedDB.

• Can CVE-2024-10468 lead to exploitation?

  Yes, CVE-2024-10468 can potentially lead to exploitation through memory corruption.