iotjs: CVE-2021-41682 CVE-2021-41683 CVE-2021-41751 CVE-2021-41959 CVE-2021-42863 CVE-2021-43453 CVE-2021-46170

Debian Bug report logs - #1015219

Reported by: Moritz Mühlenhoff <jmm@inutil.org>

Date: Sun, 17 Jul 2022 20:15:01 UTC

Severity: important

Tags: security


Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>:
Bug#1015219; Package src:iotjs. (Sun, 17 Jul 2022 20:15:03 GMT)


Acknowledgement sent to Moritz Mühlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>. (Sun, 17 Jul 2022 20:15:03 GMT)


Message #5 received at submit@bugs.debian.org:

From: Moritz Mühlenhoff <jmm@inutil.org>
To: submit@bugs.debian.org
Subject: iotjs: CVE-2021-41682 CVE-2021-41683 CVE-2021-41751 CVE-2021-41959 CVE-2021-42863 CVE-2021-43453 CVE-2021-46170
Date: Sun, 17 Jul 2022 22:13:07 +0200
Source: iotjs
X-Debbugs-CC: team@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerabilities were published for iotjs.

CVE-2021-41682[0]:
| There is a heap-use-after-free at ecma-helpers-string.c:1940 in
| ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0

https://github.com/jerryscript-project/jerryscript/issues/4747
https://github.com/jerryscript-project/jerryscript/commit/3ad76f932c8d2e3b9ba2d95e64848698ec7d7290

CVE-2021-41683[1]:
| There is a stack-overflow at ecma-helpers.c:326 in
| ecma_get_lex_env_type in JerryScript 2.4.0

https://github.com/jerryscript-project/jerryscript/issues/4745

CVE-2021-41751[2]:
| Buffer overflow vulnerability in file
| ecma-builtin-array-prototype.c:909 in function
| ecma_builtin_array_prototype_object_slice in Jerryscript before commit
| e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021.

https://github.com/jerryscript-project/jerryscript/pull/4797
https://github.com/jerryscript-project/jerryscript/commit/4912e3b739f4d00e51a46d883b020d2208be28a2

CVE-2021-41959[3]:
| JerryScript Git version 14ff5bf does not sufficiently track and
| release allocated memory via
| jerry-core/ecma/operations/ecma-regexp-object.c after RegExp, which
| causes a memory leak.

https://github.com/jerryscript-project/jerryscript/issues/4781
https://github.com/jerryscript-project/jerryscript/pull/4166
https://github.com/jerryscript-project/jerryscript/pull/4787

CVE-2021-42863[4]:
| A buffer overflow in ecma_builtin_typedarray_prototype_filter() in
| JerryScript version fe3a5c0 allows an attacker to construct a fake
| object or a fake arraybuffer with unlimited size.

https://github.com/jerryscript-project/jerryscript/issues/4793
https://github.com/jerryscript-project/jerryscript/pull/4794
https://github.com/jerryscript-project/jerryscript/commit/4e8d6344a8b5cf8f00bd3d5e869147af06d0189e

CVE-2021-43453[5]:
| A Heap-based Buffer Overflow vulnerability exists in JerryScript 2.4.0
| and prior versions via an out-of-bounds read in
| parser_parse_for_statement_start in the js-parser-statm.c file. This
| issue is similar to CVE-2020-29657.

https://github.com/jerryscript-project/jerryscript/pull/4808
https://github.com/jerryscript-project/jerryscript/issues/4754
Fixed by: https://github.com/jerryscript-project/jerryscript/commit/efe63a5bbc5106164a08ee2eb415a7a701f5311f

CVE-2021-46170[6]:
| An issue was discovered in JerryScript commit a6ab5e9. There is a
| Use-After-Free in lexer_compare_identifier_to_string in js-lexer.c
| file.

https://github.com/jerryscript-project/jerryscript/issues/4917
https://github.com/jerryscript-project/jerryscript/pull/4942/commits/5e1fdd1d1e75105b43392b4bb3996099cdc50f3d
	
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-41682
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41682
[1] https://security-tracker.debian.org/tracker/CVE-2021-41683
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41683
[2] https://security-tracker.debian.org/tracker/CVE-2021-41751
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41751
[3] https://security-tracker.debian.org/tracker/CVE-2021-41959
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41959
[4] https://security-tracker.debian.org/tracker/CVE-2021-42863
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42863
[5] https://security-tracker.debian.org/tracker/CVE-2021-43453
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43453
[6] https://security-tracker.debian.org/tracker/CVE-2021-46170
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46170

Please adjust the affected versions in the BTS as needed.




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Jul 18 13:16:09 2022; Machine Name: bembo
