SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2021:2823-1)

critical Nessus Plugin ID 152806

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2823-1 advisory.

- Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. (CVE-2021-22931)

- A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability. (CVE-2021-3672)

- Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. (CVE-2021-22930)

- If the Node.js https API was used incorrectly and undefined was in passed for the rejectUnauthorized parameter, no error was returned and connections to servers with an expired certificate would have been accepted. (CVE-2021-22939)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected nodejs10, nodejs10-devel, nodejs10-docs and / or npm10 packages.

See Also

https://bugzilla.suse.com/1188881

https://bugzilla.suse.com/1188917

https://bugzilla.suse.com/1189369

https://bugzilla.suse.com/1189370

http://www.nessus.org/u?529051d9

https://www.suse.com/security/cve/CVE-2021-22930

https://www.suse.com/security/cve/CVE-2021-22931

https://www.suse.com/security/cve/CVE-2021-22939

https://www.suse.com/security/cve/CVE-2021-3672

Plugin Details

Severity: Critical

ID: 152806

File Name: suse_SU-2021-2823-1.nasl

Version: 1.8

Type: local

Agent: unix

Published: 8/25/2021

Updated: 1/26/2022

Supported Sensors: Nessus Agent

Risk Information

CVSS Score Source: CVE-2021-22931

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:nodejs10, p-cpe:/a:novell:suse_linux:nodejs10-devel, p-cpe:/a:novell:suse_linux:nodejs10-docs, p-cpe:/a:novell:suse_linux:npm10, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/24/2021

Vulnerability Publication Date: 8/11/2021

Reference Information

CVE: CVE-2021-3672, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939

SuSE: SUSE-SU-2021:2823-1

IAVB: 2021-B-0050-S