Improper Control of Dynamically-Managed Code Resources in vm2 - CVE-2023-29199
Published: April 20, 2023 / Updated: May 17, 2023
Vulnerability identifier: #VU75366
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/U:Green
CVE-ID: CVE-2023-29199
CWE-ID: CWE-913
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: Patrik Simek
Affected software:
vm2
vm2
Detailed vulnerability description
The vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to an error within the source code transformer. A remote user can bypass handleException() and leak unsanitized host exceptions. The obtain information can be used to escape the sandbox and run arbitrary code in host context.
How to mitigate CVE-2023-29199
Install updates from vendor's website.
Sources
- https://github.com/patriksimek/vm2/releases/tag/3.9.16
- https://github.com/patriksimek/vm2/issues/516
- https://github.com/patriksimek/vm2/security/advisories/GHSA-xj72-wvfv-8985
- https://github.com/patriksimek/vm2/commit/24c724daa7c09f003e556d7cd1c7a8381cb985d7
- https://gist.github.com/leesh3288/f05730165799bf56d70391f3d9ea187c