UBUNTU-CVE-2024-21896

See a problem?
Source
https://ubuntu.com/security/CVE-2024-21896
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-21896.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-21896
Related
  • CVE-2024-21896
Published
2024-02-20T02:15:00Z
Modified
2024-10-15T14:12:50Z
Summary
[none]
Details

The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from() to obtain a Buffer from the result of path.resolve(). By monkey-patching Buffer internals, namely, Buffer.prototype.utf8Write, the application can modify the result of path.resolve(), which leads to a path traversal vulnerability. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.

References

Affected packages

Ubuntu:24.10 / nodejs

Package

Name
nodejs
Purl
pkg:deb/ubuntu/nodejs?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

18.*

18.19.1+dfsg-6ubuntu5
18.20.1+dfsg-4ubuntu4

20.*

20.13.1+dfsg-2ubuntu6
20.14.0+dfsg-1ubuntu1
20.14.0+dfsg-2ubuntu1
20.14.0+dfsg-3ubuntu1
20.15.0+dfsg-1ubuntu3
20.16.0+dfsg-1ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "high",
    "priority_reason": "setting priority based on oss-security report"
}