What is CVE-2023-29544?

CVE-2023-29544 is a vulnerability in Mozilla Firefox. Published 2023-06-02.

Is CVE-2023-29544 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mozilla Firefox

CVE-2023-29544

If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android < 112, Firefox < 112…

EPSS: 0.004 (63.6th percentile) — read the EPSS interpretation.

Affected products

Mozilla Firefox — versions unspecified
Mozilla Firefox For Android — versions unspecified
Mozilla Focus For Android — versions unspecified

Public proof-of-concept exploits

5211-yx/javascript_
TimerIzaya/fuzzilli-plus
TimerIzaya/izayailli
googleprojectzero/fuzzilli
zhangjiahui-buaa/MasterThesis

References

www.mozilla.org/security/advisories/mfsa2023-13/
bugzilla.mozilla.org/show_bug.cgi

Frequently asked questions

What is CVE-2023-29544?: CVE-2023-29544 is a vulnerability in Mozilla Firefox. Published 2023-06-02.
Is CVE-2023-29544 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.