openEuler 22.03 LTS SP3 update for nodejs



Risk Medium
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2023-46809
CVE-2024-22019
CVE-2024-22025
CVE-2024-27982
CVE-2024-27983
CWE-ID CWE-385
CWE-20
CWE-444
CWE-617
Exploitation vector Network
Public exploit Public exploit code for vulnerability #5 is available.
Vulnerable software
openEuler
Operating systems & Components / Operating system

nodejs-docs
Operating systems & Components / Operating system package or component

v8-devel
Operating systems & Components / Operating system package or component

npm
Operating systems & Components / Operating system package or component

nodejs-libs
Operating systems & Components / Operating system package or component

nodejs-full-i18n
Operating systems & Components / Operating system package or component

nodejs-devel
Operating systems & Components / Operating system package or component

nodejs-debugsource
Operating systems & Components / Operating system package or component

nodejs-debuginfo
Operating systems & Components / Operating system package or component

nodejs
Operating systems & Components / Operating system package or component

Vendor openEuler

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Covert Timing Channel

EUVDB-ID: #VU86724

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-46809

CWE-ID: CWE-385 - Covert Timing Channel

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform Marvin attack.

The vulnerability exists due to a covert timing channel in the privateDecrypt() API of the crypto library. A remote attacker can perform a covert timing side-channel during PKCS#1 v1.5 padding error handling and decrypt captured RSA ciphertexts or forge signatures, especially in scenarios involving API endpoints processing Json Web Encryption messages.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

nodejs-docs: before 12.22.11-10

v8-devel: before 7.8.279.23-1.12.22.11.10

npm: before 6.14.16-1.12.22.11.10

nodejs-libs: before 12.22.11-10

nodejs-full-i18n: before 12.22.11-10

nodejs-devel: before 12.22.11-10

nodejs-debugsource: before 12.22.11-10

nodejs-debuginfo: before 12.22.11-10

nodejs: before 12.22.11-10

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2171


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU86721

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22019

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing HTTP requests with chunked encoding. A remote attacker can send specially crafted HTTP request to the server and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

nodejs-docs: before 12.22.11-10

v8-devel: before 7.8.279.23-1.12.22.11.10

npm: before 6.14.16-1.12.22.11.10

nodejs-libs: before 12.22.11-10

nodejs-full-i18n: before 12.22.11-10

nodejs-devel: before 12.22.11-10

nodejs-debugsource: before 12.22.11-10

nodejs-debuginfo: before 12.22.11-10

nodejs: before 12.22.11-10

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2171


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU86733

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22025

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when handling brotli decoding. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

nodejs-docs: before 12.22.11-10

v8-devel: before 7.8.279.23-1.12.22.11.10

npm: before 6.14.16-1.12.22.11.10

nodejs-libs: before 12.22.11-10

nodejs-full-i18n: before 12.22.11-10

nodejs-devel: before 12.22.11-10

nodejs-debugsource: before 12.22.11-10

nodejs-debuginfo: before 12.22.11-10

nodejs: before 12.22.11-10

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2171


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU88176

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27982

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

nodejs-docs: before 12.22.11-10

v8-devel: before 7.8.279.23-1.12.22.11.10

npm: before 6.14.16-1.12.22.11.10

nodejs-libs: before 12.22.11-10

nodejs-full-i18n: before 12.22.11-10

nodejs-devel: before 12.22.11-10

nodejs-debugsource: before 12.22.11-10

nodejs-debuginfo: before 12.22.11-10

nodejs: before 12.22.11-10

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2171


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Reachable Assertion

EUVDB-ID: #VU88175

Risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2024-27983

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling HTTP/2 packets. A remote attacker can send a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP3

nodejs-docs: before 12.22.11-10

v8-devel: before 7.8.279.23-1.12.22.11.10

npm: before 6.14.16-1.12.22.11.10

nodejs-libs: before 12.22.11-10

nodejs-full-i18n: before 12.22.11-10

nodejs-devel: before 12.22.11-10

nodejs-debugsource: before 12.22.11-10

nodejs-debuginfo: before 12.22.11-10

nodejs: before 12.22.11-10

CPE2.3 External links

http://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2171


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###