CVE-2024-11704 is a critical double-free vulnerability discovered in Mozilla's NSS (Network Security Services) stack, specifically in the sec_pkcs7_decoder_start_decrypt() function. Under certain failure conditions, this bug could cause the same symmetric key to be freed twice. This may open up the possibilities of memory corruption, process crashes, or even code execution. The flaw affects Firefox versions prior to 133 and Thunderbird versions before 133.
This article will explain the bug in layman’s terms, show a code example, discuss how exploitation might look, and offer relevant references for diving deeper.
What Is a Double-Free?
In programming, “freeing” a memory block means releasing it back to the system, indicating it’s no longer needed. If a program mistakenly frees the same memory block twice (called “double free”), it may cause undefined behavior. In practice, attackers can occasionally exploit double-free bugs to take control of memory and run malicious code.
Where Did It Happen? (Technical Details)
The dangerous code was in NSS, the cryptography library used by Firefox and Thunderbird. The routine sec_pkcs7_decoder_start_decrypt() is supposed to handle PKCS#7 operations – a format for secure messages. If an error happens at just the right time when decrypting (for example, when memory allocation fails or invalid data is passed), the same key pointer might get cleaned up (freed) more than once.
Simplified Vulnerable Pattern
SECStatus sec_pkcs7_decoder_start_decrypt(...., SymKey *key, ...) {
...
if (error_condition) {
...
// 'key' is freed here on error
PK11_FreeSymKey(key);
...
return SECFailure;
}
...
// Later, in a cleanup section:
if (key) {
// 'key' is freed again here
PK11_FreeSymKey(key);
key = NULL;
}
...
}
If the function exits via an error path _and_ also goes through its standard cleanup route, the same symmetric key may get freed twice. That’s a classic double-free scenario.
What’s the Impact?
- Memory Corruption: Double frees can result in unpredictable application states and memory corruption.
Denial of Service: Crashing the browser or email client.
- Potential Code Execution: If an attacker can control memory layout, they may take over program flow (though no simple public exploit exists yet).
Since these cryptographic routines may parse untrusted or attacker-supplied content (such as signed or encrypted emails), exploitation is possible by simply delivering crafted data.
Proof-of-Concept Snippet
A simplified fuzzing example (not a working exploit, but shows how one might search for the bug) might look like:
import subprocess
# Simulate sending a malformed PKCS#7 message to Thunderbird
bad_pkcs7 = b"bad data that triggers the error"
with open("bad_message.p7m", "wb") as f:
f.write(bad_pkcs7)
# Launch Thunderbird with the malicious file
subprocess.run(["thunderbird", "-file", "bad_message.p7m"])
The detailed crafting of the trigger is difficult due to PKCS#7 formatting, but fuzzers can provoke the core vulnerability.
Fix and References
Mozilla fixed this flaw in NSS and released updates for Firefox and Thunderbird. Patches ensure the symmetric key is only freed once, and the pointer is cleared immediately to prevent reuse.
- Mozilla Security Advisory 2024-15 for Firefox
- NSS Bug Fix Commit
- CVE Record
Thunderbird users below version 133
Especially if you open encrypted and/or signed messages from untrusted sources, or browse webpages that might deliver malformed content.
Conclusion
CVE-2024-11704 is a severe bug that demonstrates why careful memory management is crucial in cryptographic code. Once again, the best defense is to stay current with updates and watch for future disclosures and patches.
References
- NVD CVE-2024-11704
- Mozilla Bug, Bugzilla #1873004
- Mozilla Security Advisory for Firefox 133
Update your browser and email client now. Don’t let hackers exploit old bugs!
Timeline
Published on: 11/26/2024 14:15:19 UTC
Last modified on: 11/27/2024 16:15:13 UTC