SUSE update for nodejs8



Published: 2022-03-03
Risk High
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2021-23343
CVE-2021-32803
CVE-2021-32804
CVE-2021-3807
CVE-2021-3918
CWE-ID CWE-185
CWE-36
CWE-20
CWE-94
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
SUSE Linux Enterprise Server for SAP
Operating systems & Components / Operating system

SUSE Enterprise Storage
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

SUSE Linux Enterprise Server
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing
Operating systems & Components / Operating system

SUSE CaaS Platform
Operating systems & Components / Operating system

nodejs8-docs
Operating systems & Components / Operating system package or component

nodejs-common
Operating systems & Components / Operating system package or component

npm8
Operating systems & Components / Operating system package or component

nodejs8-devel
Operating systems & Components / Operating system package or component

nodejs8-debugsource
Operating systems & Components / Operating system package or component

nodejs8-debuginfo
Operating systems & Components / Operating system package or component

nodejs8
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Incorrect Regular Expression

EUVDB-ID: #VU55315

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-23343

CWE-ID: CWE-185 - Incorrect Regular Expression

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation in splitDeviceRe, splitTailRe, and splitPathRe regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.

Mitigation

Update the affected package nodejs8 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP3

SUSE Enterprise Storage: 6 - 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

SUSE Linux Enterprise Server: 15-LTSS - 15-SP2-LTSS

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP2-LTSS

SUSE CaaS Platform: 4.0

nodejs8-docs: before 8.17.0-10.19.2

nodejs-common: before 2.0-3.4.1

npm8: before 8.17.0-10.19.2

nodejs8-devel: before 8.17.0-10.19.2

nodejs8-debugsource: before 8.17.0-10.19.2

nodejs8-debuginfo: before 8.17.0-10.19.2

nodejs8: before 8.17.0-10.19.2

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20220704-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Absolute Path Traversal

EUVDB-ID: #VU58206

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32803

CWE-ID: CWE-36 - Absolute Path Traversal

Exploit availability: No

Description

The vulnerability allows a remote attacker to overwrite arbitrary files on the system.

The vulnerability exists due to a logic issue when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the node-tar directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where node-tar checks for symlinks occur.

By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite.

Mitigation

Update the affected package nodejs8 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP3

SUSE Enterprise Storage: 6 - 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

SUSE Linux Enterprise Server: 15-LTSS - 15-SP2-LTSS

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP2-LTSS

SUSE CaaS Platform: 4.0

nodejs8-docs: before 8.17.0-10.19.2

nodejs-common: before 2.0-3.4.1

npm8: before 8.17.0-10.19.2

nodejs8-devel: before 8.17.0-10.19.2

nodejs8-debugsource: before 8.17.0-10.19.2

nodejs8-debuginfo: before 8.17.0-10.19.2

nodejs8: before 8.17.0-10.19.2

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20220704-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Absolute Path Traversal

EUVDB-ID: #VU58205

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32804

CWE-ID: CWE-36 - Absolute Path Traversal

Exploit availability: No

Description

The vulnerability allows a remote attacker to overwrite arbitrary files on the system.

The vulnerability exists due to a logic issue when file paths contained repeated path roots such as ////home/user/.bashrc. node-tar would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. ///home/user/.bashrc) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite.

Mitigation

Update the affected package nodejs8 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP3

SUSE Enterprise Storage: 6 - 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

SUSE Linux Enterprise Server: 15-LTSS - 15-SP2-LTSS

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP2-LTSS

SUSE CaaS Platform: 4.0

nodejs8-docs: before 8.17.0-10.19.2

nodejs-common: before 2.0-3.4.1

npm8: before 8.17.0-10.19.2

nodejs8-devel: before 8.17.0-10.19.2

nodejs8-debugsource: before 8.17.0-10.19.2

nodejs8-debuginfo: before 8.17.0-10.19.2

nodejs8: before 8.17.0-10.19.2

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20220704-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU57967

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3807

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when matching crafted invalid ANSI escape codes in ansi-regex. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package nodejs8 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP3

SUSE Enterprise Storage: 6 - 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

SUSE Linux Enterprise Server: 15-LTSS - 15-SP2-LTSS

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP2-LTSS

SUSE CaaS Platform: 4.0

nodejs8-docs: before 8.17.0-10.19.2

nodejs-common: before 2.0-3.4.1

npm8: before 8.17.0-10.19.2

nodejs8-devel: before 8.17.0-10.19.2

nodejs8-debugsource: before 8.17.0-10.19.2

nodejs8-debuginfo: before 8.17.0-10.19.2

nodejs8: before 8.17.0-10.19.2

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20220704-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Code Injection

EUVDB-ID: #VU64034

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3918

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to insufficient sanitization of user-supplied data during the validation of a JSON object. A remote attacker can pass a specially crafted JSON file for validation and execute arbitrary code.

Mitigation

Update the affected package nodejs8 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP: 15-SP1 - 15-SP3

SUSE Enterprise Storage: 6 - 7.1

SUSE Manager Server: 4.1

SUSE Manager Retail Branch Server: 4.1

SUSE Manager Proxy: 4.1

SUSE Linux Enterprise Server: 15-LTSS - 15-SP2-LTSS

SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-SP2-LTSS

SUSE CaaS Platform: 4.0

nodejs8-docs: before 8.17.0-10.19.2

nodejs-common: before 2.0-3.4.1

npm8: before 8.17.0-10.19.2

nodejs8-devel: before 8.17.0-10.19.2

nodejs8-debugsource: before 8.17.0-10.19.2

nodejs8-debuginfo: before 8.17.0-10.19.2

nodejs8: before 8.17.0-10.19.2

External links

http://www.suse.com/support/update/announcement/2022/suse-su-20220704-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###