CVE-2024-1554: Firefox Fetch API and Navigation Cache Poisoning Vulnerability

A critical vulnerability has been discovered in Firefox that allows an attacker to poison the browser's local cache with a malicious payload. This vulnerability, tracked as CVE-2024-1554, poses serious risks, as the user may unexpectedly encounter harmful content while browsing. In this post, we will discuss in detail the exploit, what it can do, and how to stay protected.

Description

The issue is rooted in the improper handling of the cache shared between the fetch() API and navigation requests. It stems from the cache key neglecting to include the optional headers the fetch() API may contain. Consequently, attackers may exploit this vulnerability and inflict a severe threat to users by contaminating their browser cache.

Here's a step-by-step scenario describing the exploit

1. The attacker makes use of fetch() API by including extra headers, requesting a URL that has been controlled or manipulated.

Affected Versions

Firefox versions prior to 123 are affected by this vulnerability.

The problematic cache key handling is exemplified below

// A simple fetch() call with optional headers
fetch('https://example.com';, {
  headers: {
    'X-Extra-Header': 'controlled-by-attacker'
  }
}).then(resp => {
  // The response is cached but contains extra headers provided by the attacker
});

// Navigating to the same URL without knowing the existence of the optional headers
window.location = 'https://example.com';;

// The user sees the cached malicious response instead of the expected content

Original References

For more in-depth information on the vulnerability, its details, and the fixes applied, please follow these links:
1. https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2024-1554 (Mozilla's official Bugzilla report)
2. https://www.mozilla.org/en-US/security/advisories/mfsa2024-1554/ (Mozilla Foundation Security Advisory)

Mitigations

To protect yourself from this vulnerability, always ensure your Firefox browser is updated to the latest version. Mozilla has addressed the problem in Firefox 123, so upgrading to this version will patch the security loophole.

In addition to staying up-to-date, users should also be cautious when interacting with websites they are not familiar with or don't trust. Moreover, employing trusted and up-to-date security software can provide an extra layer of protection against emerging threats.

Conclusion

CVE-2024-1554 underlines the importance of keeping software updated and being vigilant while browsing the Internet. Users of Firefox should immediately apply the update to safeguard themselves against this critical cache poisoning vulnerability. By maintaining our vigilance and staying informed, we can create a safer online environment for everyone.

Timeline

Published on: 02/20/2024 14:15:08 UTC
Last modified on: 08/20/2024 20:35:08 UTC