CVE-2024-3860 Information

Description

An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1881417 https://www.mozilla.org/security/advisories/mfsa2024-18/