CVE-2024-9403 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2024-9403 Interim 1 11 2025-04-30T23:59:24Z current 2024-10-01T23:29:28Z 2025-04-30T23:59:24Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2024-9403 Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/suse-liberty-linux-updates/2024-October/000115.html E-Mail link for RHSA-2024:7552 https://lists.suse.com/pipermail/suse-liberty-linux-updates/2024-October/000118.html E-Mail link for RHSA-2024:7699 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/N4JP3GXA5W44ZPKFH3YRRO2ZB77WGE4V/ E-Mail link for openSUSE-SU-2024:14385-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 8 SUSE Liberty Linux 9 SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP5 openSUSE Tumbleweed MozillaFirefox MozillaFirefox-131.0-1.1 MozillaFirefox-branding-upstream-131.0-1.1 MozillaFirefox-devel MozillaFirefox-devel-131.0-1.1 MozillaFirefox-translations-common MozillaFirefox-translations-common-131.0-1.1 MozillaFirefox-translations-other MozillaFirefox-translations-other-131.0-1.1 thunderbird-128.3.0-1.el8_10 thunderbird-128.3.0-1.el9_4 thunderbird-128.3.0-1.el8_10 as a component of SUSE Liberty Linux 8 thunderbird-128.3.0-1.el9_4 as a component of SUSE Liberty Linux 9 MozillaFirefox-131.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-131.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-devel-131.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-131.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-131.0-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 12 SP2-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 12 SP4-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 15-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 15-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 15-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server 15-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131. CVE-2024-9403 SUSE Liberty Linux 8:thunderbird-128.3.0-1.el8_10 SUSE Liberty Linux 9:thunderbird-128.3.0-1.el9_4 openSUSE Tumbleweed:MozillaFirefox-131.0-1.1 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-131.0-1.1 openSUSE Tumbleweed:MozillaFirefox-devel-131.0-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-common-131.0-1.1 openSUSE Tumbleweed:MozillaFirefox-translations-other-131.0-1.1 important 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H