CVE-2018-7167
nodejs: Denial of Service by calling Buffer.fill() or Buffer.alloc() with specially crafted parameters
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron"), 8.x (LTS "Carbon"), and 9.x are vulnerable. All versions of Node.js 10.x (Current) are NOT vulnerable.
La llamada a Buffer.fill() o Buffer.alloc() con algunos parámetros puede conducir a un bloqueo y a una denegación de servicio (DoS) posterior. Para abordar esta vulnerabilidad, las implementaciones de Buffer.alloc() y Buffer.fill() se actualizaron para que se llenen con cero en lugar de bloquearse en este tipo de casos. Todas las versiones de Node.js 6.x (LTS "Boron"), 8.x (LTS "Carbon") 9.x son vulnerables. Todas las versiones de Node.js 10.x (actual) NO son vulnerables.
It was found that the Buffer.fill() and Buffer.alloc() function may hang. An attacker able to control the input of these function could use this flaw to cause a denial of service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-02-15 CVE Reserved
- 2018-06-13 CVE Published
- 2024-01-31 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/106363 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://nodejs.org/en/blog/vulnerability/june-2018-security-releases | 2022-08-29 | |
https://security.gentoo.org/glsa/202003-48 | 2022-08-29 | |
https://access.redhat.com/security/cve/CVE-2018-7167 | 2018-10-18 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1591006 | 2018-10-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | > 6.9.0 < 6.14.3 Search vendor "Nodejs" for product "Node.js" and version " > 6.9.0 < 6.14.3" | lts |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 8.9.0 < 8.11.3 Search vendor "Nodejs" for product "Node.js" and version " >= 8.9.0 < 8.11.3" | lts |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 9.0.0 < 9.11.2 Search vendor "Nodejs" for product "Node.js" and version " >= 9.0.0 < 9.11.2" | - |
Affected
|