GHSA-C25X-CM9X-QQGX
Vulnerability from github – Published: 2023-03-23 23:13 – Updated: 2023-05-01 21:25
VLAI?
Summary
Deno improperly handles resizable ArrayBuffer
Details
Impact
Resizable ArrayBuffers passed to asynchronous native functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write.
It is unlikely that this has been exploited in the wild, as the only version affected is Deno 1.32.0.
Deno Deploy users are not affected.
Patches
The problem has been resolved by disabling resizable ArrayBuffers temporarily in Deno 1.32.1. A future version of Deno will re-enable resizable ArrayBuffers with a proper fix.
Workarounds
Upgrade to Deno 1.32.1, or run with --v8-flags=--no-harmony-rab-gsab to disable resizable ArrayBuffers.
Severity ?
9.9 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "crates.io",
"name": "Deno"
},
"ranges": [
{
"events": [
{
"introduced": "1.32.0"
},
{
"fixed": "1.32.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.32.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "serde_v8"
},
"ranges": [
{
"events": [
{
"introduced": "0.87.0"
},
{
"fixed": "0.88.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.87.0"
]
},
{
"package": {
"ecosystem": "crates.io",
"name": "deno_runtime"
},
"ranges": [
{
"events": [
{
"introduced": "0.102.0"
},
{
"fixed": "0.103.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.102.0"
]
}
],
"aliases": [
"CVE-2023-28445"
],
"database_specific": {
"cwe_ids": [
"CWE-125",
"CWE-787"
],
"github_reviewed": true,
"github_reviewed_at": "2023-03-23T23:13:25Z",
"nvd_published_at": "2023-03-24T00:15:00Z",
"severity": "CRITICAL"
},
"details": "### Impact\n\n[Resizable ArrayBuffers](https://github.com/tc39/proposal-resizablearraybuffer) passed to asynchronous native functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write.\n\nIt is unlikely that this has been exploited in the wild, as the only version affected is Deno 1.32.0.\n\nDeno Deploy users are not affected.\n\n### Patches\n\nThe problem has been resolved by disabling resizable ArrayBuffers temporarily in Deno 1.32.1. A future version of Deno will re-enable resizable ArrayBuffers with a proper fix.\n\n### Workarounds\n\nUpgrade to Deno 1.32.1, or run with `--v8-flags=--no-harmony-rab-gsab` to disable resizable ArrayBuffers.",
"id": "GHSA-c25x-cm9x-qqgx",
"modified": "2023-05-01T21:25:28Z",
"published": "2023-03-23T23:13:25Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/denoland/deno/security/advisories/GHSA-c25x-cm9x-qqgx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28445"
},
{
"type": "WEB",
"url": "https://github.com/denoland/deno/pull/18395"
},
{
"type": "WEB",
"url": "https://github.com/denoland/deno/pull/18452"
},
{
"type": "PACKAGE",
"url": "https://github.com/denoland/deno"
},
{
"type": "WEB",
"url": "https://github.com/denoland/deno/releases/tag/v1.32.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Deno improperly handles resizable ArrayBuffer"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…