[Critical] vm2 <3.9.18 sandbox escape vulnerability (POC exists)

Vulnerability description

vm2 is a sandbox for Node.js that runs untrusted code with access limited to whitelisted Node built-in modules. It uses Proxy objects to intercept and redefine operations on host objects.

In versions prior to vm2 3.9.18, the V8 engine calls the prepareStackTrace function directly, so the error argument passed to it is not wrapped by the proxy handlers that the vm2 library defines, and the sandbox protection mechanism fails. By constructing error objects and proxy objects, an attacker can access the Function constructor in the host context and execute arbitrary system commands.

Vulnerability name: vm2 <3.9.18 sandbox escape vulnerability
Vulnerability type: injection
Discovery time: 2023/5/16
Vulnerability breadth: wide
MPS number: MPS-h8kx-5m1p
CVE number: CVE-2023-32314
CNVD number: -

Scope of impact

vm2@[0.1.0, 3.9.18)

Remediation

Upgrade the vm2 component to version 3.9.18 or later
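
To find installs inside the affected range, including nested copies pulled in by other packages, the following added example scans the text of a package-lock.json. It is not code from the vm2 project or from this advisory; the function names and the sample lockfile are constructed for illustration.

```javascript
// Added example: flag vm2 installs inside the affected range [0.1.0, 3.9.18).
const FIXED = [3, 9, 18]; // first fixed release, per the advisory
const FIRST = [0, 1, 0];  // lower bound of the affected range

// Parse "MAJOR.MINOR.PATCH"; any -prerelease/+build suffix is ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

function isAffected(version) {
  const v = parseVersion(version);
  return v !== null && cmp(v, FIRST) >= 0 && cmp(v, FIXED) < 0;
}

// Collect every vm2 entry from package-lock.json text (lockfileVersion 1, 2 or 3).
function findVm2(lockText) {
  const lock = JSON.parse(lockText);
  const hits = [];
  // v2/v3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (/(^|\/)node_modules\/vm2$/.test(path)) hits.push({ path, version: meta.version });
  }
  // v1: nested "dependencies" tree (skipped when "packages" exists, to avoid duplicates).
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${trail}node_modules/${name}`;
      if (name === 'vm2') hits.push({ path, version: meta.version });
      walk(meta.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');
  return hits.map(h => ({ ...h, affected: isAffected(h.version) }));
}

// Constructed sample lockfile: a patched direct install and an older nested copy.
const SAMPLE_LOCK = JSON.stringify({
  lockfileVersion: 3,
  packages: {
    'node_modules/vm2': { version: '3.9.19' },
    'node_modules/some-plugin/node_modules/vm2': { version: '3.9.17' },
  },
});
findVm2(SAMPLE_LOCK).forEach(h => console.log(`${h.affected ? 'AFFECTED' : 'ok'} vm2@${h.version} at ${h.path}`));
```

For a real project, pass the contents of its package-lock.json to findVm2 and upgrade every entry reported as affected.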

Reference links

https://www.oscs1024.com/hd/MPS-h8kx-5m1p

https://nvd.nist.gov/vuln/detail/CVE-2023-32314

https://github.com/patriksimek/vm2/security/advisories/GHSA-whpj-8f3w-67p5

https://gist.github.com/arkark/e9f5cf5782dec8321095be3e52acf5ac

https://github.com/patriksimek/vm2/commit/d88105f99752305c5b8a77b63ddee3ec86912daf

About Murphy Security

Murphy Security is a technology company that provides professional software supply chain security management. The core team comes from Baidu, Huawei, Wuyun and other enterprises. The company offers customers a complete software supply chain security management platform that provides full-life-cycle security management of software based on SBOM. Platform capabilities include software component analysis, source security management, container image detection, vulnerability intelligence early warning, and commercial software supply chain access assessment. It gives customers complete control capabilities, from supply chain asset identification and management through risk detection and security control to one-click repair.
Open source project: https://github.com/murphysecurity/murphysec/?sf=qbyj

The product can be integrated with various tools in the existing development process at a very low cost, including seamless integration with dozens of tools such as IDE, Gitlab, Bitbucket, Jenkins, Harbor, and Nexus.
Free code security detection tool: https://www.murphysec.com/?sf=qbyj
Free intelligence subscription: https://www.oscs1024.com/cm/?sf=qbyj


Origin blog.csdn.net/murphysec/article/details/131091503