SUSE update for nodejs16



Published: 2024-02-29
Risk Medium
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2023-46809
CVE-2024-22019
CVE-2024-22025
CVE-2024-24758
CVE-2024-24806
CWE-ID CWE-385
CWE-20
CWE-200
CWE-918
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Web and Scripting Module
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 12
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 12
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 12
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications
Operating systems & Components / Operating system

SUSE Linux Enterprise Server
Operating systems & Components / Operating system

nodejs16-docs
Operating systems & Components / Operating system package or component

nodejs16-devel
Operating systems & Components / Operating system package or component

nodejs16
Operating systems & Components / Operating system package or component

nodejs16-debugsource
Operating systems & Components / Operating system package or component

nodejs16-debuginfo
Operating systems & Components / Operating system package or component

npm16
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Covert Timing Channel

EUVDB-ID: #VU86724

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-46809

CWE-ID: CWE-385 - Covert Timing Channel

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform Marvin attack.

The vulnerability exists due to a covert timing channel in the privateDecrypt() API of the crypto library. A remote attacker can perform a covert timing side-channel during PKCS#1 v1.5 padding error handling and decrypt captured RSA ciphertexts or forge signatures, especially in scenarios involving API endpoints processing Json Web Encryption messages.

Mitigation

Update the affected package nodejs16 to the latest version.

Vulnerable software versions

Web and Scripting Module: 12

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

nodejs16-docs: before 16.20.2-8.39.1

nodejs16-devel: before 16.20.2-8.39.1

nodejs16: before 16.20.2-8.39.1

nodejs16-debugsource: before 16.20.2-8.39.1

nodejs16-debuginfo: before 16.20.2-8.39.1

npm16: before 16.20.2-8.39.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240731-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU86721

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22019

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing HTTP requests with chunked encoding. A remote attacker can send specially crafted HTTP request to the server and perform a denial of service (DoS) attack.

Mitigation

Update the affected package nodejs16 to the latest version.

Vulnerable software versions

Web and Scripting Module: 12

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

nodejs16-docs: before 16.20.2-8.39.1

nodejs16-devel: before 16.20.2-8.39.1

nodejs16: before 16.20.2-8.39.1

nodejs16-debugsource: before 16.20.2-8.39.1

nodejs16-debuginfo: before 16.20.2-8.39.1

npm16: before 16.20.2-8.39.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240731-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU86733

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22025

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when handling brotli decoding. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package nodejs16 to the latest version.

Vulnerable software versions

Web and Scripting Module: 12

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

nodejs16-docs: before 16.20.2-8.39.1

nodejs16-devel: before 16.20.2-8.39.1

nodejs16: before 16.20.2-8.39.1

nodejs16-debugsource: before 16.20.2-8.39.1

nodejs16-debuginfo: before 16.20.2-8.39.1

npm16: before 16.20.2-8.39.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240731-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU86709

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24758

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the application does not clear the Proxy-Authentication HTTP header when handling cross-origin redirects. A remote attacker can gain access to sensitive information.

Mitigation

Update the affected package nodejs16 to the latest version.

Vulnerable software versions

Web and Scripting Module: 12

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

nodejs16-docs: before 16.20.2-8.39.1

nodejs16-devel: before 16.20.2-8.39.1

nodejs16: before 16.20.2-8.39.1

nodejs16-debugsource: before 16.20.2-8.39.1

nodejs16-debuginfo: before 16.20.2-8.39.1

npm16: before 16.20.2-8.39.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240731-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Server-Side Request Forgery (SSRF)

EUVDB-ID: #VU86707

Risk: Medium

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24806

CWE-ID: CWE-918 - Server-Side Request Forgery (SSRF)

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input when handling hostnames longer than 256 characters within the uv_getaddrinfo() function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c. A remote attacker can pass a specially crafted hostname to the application, which can be resolved to an attacker controlled IP address and initiate unauthorized requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.

Mitigation

Update the affected package nodejs16 to the latest version.

Vulnerable software versions

Web and Scripting Module: 12

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

nodejs16-docs: before 16.20.2-8.39.1

nodejs16-devel: before 16.20.2-8.39.1

nodejs16: before 16.20.2-8.39.1

nodejs16-debugsource: before 16.20.2-8.39.1

nodejs16-debuginfo: before 16.20.2-8.39.1

npm16: before 16.20.2-8.39.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240731-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###