CVE-2024-1554: 
NixOS vulnerability analysis and mitigation

CVE-2024-1554 is a cache poisoning vulnerability discovered in Firefox's fetch() API implementation. The vulnerability was disclosed on February 20, 2024, and affects Firefox versions prior to 123. The issue stems from the fetch() API and navigation incorrectly sharing the same cache, where the cache key did not include the optional headers that fetch() may contain (Mozilla Advisory).

The vulnerability occurs because the browser's private cache was shared between fetch() API calls and normal navigation, with the cache key being based only on the URI and originating context. The issue becomes exploitable when two conditions are met: the fetch request and response must be cacheable under normal circumstances (typically using GET method with implicit or explicit cache headers), and the target endpoint must pass a pre-flight check due to CORS requirements. The vulnerability was rated as having a moderate impact (Mozilla Advisory, Bugzilla).

Under the correct circumstances, an attacker could poison the local browser cache by priming it with a fetch() response controlled by additional headers. When a user subsequently navigates to the same URL, they would see the cached malicious response instead of the expected response. This could potentially lead to various attacks, including cross-site scripting (XSS) when chained with other vulnerabilities (Mozilla Advisory, Bugzilla).

The vulnerability was fixed in Firefox 123 by improving the cache key generation mechanism. The fix involved adding additional information to the cache key to ensure that requests made by fetch() and normal navigation are properly separated (Mozilla Advisory).