Bug 2280600 (CVE-2024-4068) - CVE-2024-4068 braces: fails to limit the number of characters it can handle
Summary: CVE-2024-4068 braces: fails to limit the number of characters it can handle
Keywords:
Status: NEW
Alias: CVE-2024-4068
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2280611 2280612 2281796 2280610 2280613 2280614 2280615 2280616 2280617 2280618 2280619 2280620 2280621 2280622 2280623 2280624 2280625 2280626 2280627 2280628 2280629 2280630 2280631 2280777 2280780 2280787 2280788 2280789
Blocks: 2280602
Reported: 2024-05-15 11:10 UTC by Rohit Keshri
Modified: 2025-05-15 08:29 UTC
CC List: 206 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
System                  ID               Private  Priority  Status  Summary  Last Updated
Red Hat Product Errata  RHSA-2024:11023  0        None      None    None     2024-12-12 20:00:39 UTC
Red Hat Product Errata  RHSA-2024:7164   0        None      None    None     2024-09-26 03:47:28 UTC
Red Hat Product Errata  RHSA-2024:8075   0        None      None    None     2024-10-14 18:00:56 UTC
Red Hat Product Errata  RHSA-2024:8076   0        None      None    None     2024-10-14 18:00:08 UTC
Red Hat Product Errata  RHSA-2024:8077   0        None      None    None     2024-10-14 17:59:31 UTC
Red Hat Product Errata  RHSA-2024:8080   0        None      None    None     2024-10-14 18:07:33 UTC

Description Rohit Keshri 2024-05-15 11:10:57 UTC
The NPM package `braces` fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js`, if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.

https://devhub.checkmarx.com/cve-details/CVE-2024-4068/
https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308
https://github.com/micromatch/braces/issues/35
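
Added example (not code from the braces package, from its fix, or from this report): a bounded brace-expansion front end in JavaScript that shows the two guards the description implies. It caps input length before any parsing, pairs braces in one linear pass so that imbalanced input such as a long run of `{` stays literal instead of driving the parser into a loop, and caps the number of expanded results so a chain of groups cannot fan out without bound. The cap values, the function names (`safeExpand`, `matchBraces`, `expandRange`, `cross`) and the sample inputs are assumptions made for this example; the expander handles comma lists and backslash escapes only, not `{1..3}` ranges.

```javascript
'use strict';
// Added example, not code from the braces package: a bounded brace-expansion
// front end. Both caps below are assumptions for this example, not values
// taken from braces or from the fix for CVE-2024-4068.
const MAX_INPUT_LENGTH = 10000;
const MAX_RESULTS = 10000;

// One linear pass that pairs each '{' with its '}' (LIFO) and records which
// pairs contain a comma at their own level. Backslash-escaped characters are
// skipped. Braces left on the stack are unmatched and will be kept literal,
// so an imbalanced input costs O(n) here instead of driving a parser loop.
function matchBraces(s) {
  const match = new Map();      // open index -> close index, and close -> open
  const hasComma = new Set();   // open indexes whose pair contains a top-level ','
  const stack = [];
  for (let i = 0; i < s.length; i++) {
    const ch = s[i];
    if (ch === '\\') { i++; continue; }
    if (ch === '{') stack.push(i);
    else if (ch === '}' && stack.length) {
      const open = stack.pop();
      match.set(open, i);
      match.set(i, open);
    } else if (ch === ',' && stack.length) hasComma.add(stack[stack.length - 1]);
  }
  return { match, hasComma, unclosed: stack.length };
}

// Cartesian product of two string lists, refusing to exceed maxResults so a
// chain like {a,b}{a,b}... cannot fan out without bound.
function cross(a, b, maxResults) {
  if (a.length * b.length > maxResults) {
    throw new RangeError(`expansion would exceed ${maxResults} results`);
  }
  const out = [];
  for (const x of a) for (const y of b) out.push(x + y);
  return out;
}

// Expand s[start, end). A '{' is a group only if it is matched and has a comma;
// any other brace is ordinary text, which is also how bash treats it.
function expandRange(s, start, end, info, maxResults) {
  let results = [''];
  let lit = '';
  for (let i = start; i < end; ) {
    const ch = s[i];
    if (ch === '\\' && i + 1 < end) { lit += s[i + 1]; i += 2; continue; }
    if (ch === '{' && info.match.has(i) && info.hasComma.has(i)) {
      const close = info.match.get(i);
      // Split the group body on depth-0 commas. Every brace inside a matched
      // pair is itself matched, so plain depth counting is sufficient.
      const alts = [];
      let depth = 0;
      let segStart = i + 1;
      for (let j = i + 1; j < close; j++) {
        const c = s[j];
        if (c === '\\') { j++; continue; }
        if (c === '{') depth++;
        else if (c === '}') depth--;
        else if (c === ',' && depth === 0) { alts.push([segStart, j]); segStart = j + 1; }
      }
      alts.push([segStart, close]);
      let expanded = [];
      for (const [a, b] of alts) expanded = expanded.concat(expandRange(s, a, b, info, maxResults));
      results = cross(cross(results, [lit], maxResults), expanded, maxResults);
      lit = '';
      i = close + 1;
      continue;
    }
    lit += ch;
    i++;
  }
  return cross(results, [lit], maxResults);
}

// Entry point: reject over-long input before any parsing happens, then expand.
function safeExpand(input, { maxLength = MAX_INPUT_LENGTH, maxResults = MAX_RESULTS } = {}) {
  if (typeof input !== 'string') throw new TypeError('input must be a string');
  if (input.length > maxLength) {
    throw new RangeError(`input length ${input.length} exceeds maxLength ${maxLength}`);
  }
  return expandRange(input, 0, input.length, matchBraces(input), maxResults);
}

if (typeof require !== 'undefined' && require.main === module) {
  // Constructed inputs: a normal pattern, an imbalanced one, and one at the cap.
  console.log(safeExpand('a{b,c{d,e}}f'));                      // [ 'abf', 'acdf', 'acef' ]
  console.log(safeExpand('a{b,c'));                              // [ 'a{b,c' ]
  console.log(safeExpand('{'.repeat(MAX_INPUT_LENGTH)).length);  // 1: kept literal
  try { safeExpand('{'.repeat(MAX_INPUT_LENGTH + 1)); } catch (e) { console.log(e.message); }
}
```

The order of the guards is the point: the length check runs before the input is touched, the pairing pass is linear and never recurses on unmatched braces, and `cross` checks the product size before allocating it, so none of the three failure modes (long input, imbalanced input, exponential fan-out) can reach the heap limit.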

Comment 1 Rohit Keshri 2024-05-15 12:11:35 UTC
Created ansible tracking bugs for this issue:

Affects: epel-all [bug 2280611]
Affects: fedora-all [bug 2280615]


Created breeze-icon-theme tracking bugs for this issue:

Affects: fedora-all [bug 2280616]


Created cachelib tracking bugs for this issue:

Affects: fedora-all [bug 2280617]


Created fbthrift tracking bugs for this issue:

Affects: fedora-all [bug 2280618]


Created golang-github-prometheus tracking bugs for this issue:

Affects: epel-7 [bug 2280610]
Affects: epel-all [bug 2280612]


Created golang-github-task tracking bugs for this issue:

Affects: fedora-all [bug 2280619]


Created h3 tracking bugs for this issue:

Affects: fedora-all [bug 2280620]


Created mozjs78 tracking bugs for this issue:

Affects: fedora-all [bug 2280621]


Created nodejs-bash-language-server tracking bugs for this issue:

Affects: fedora-all [bug 2280622]


Created nodejs-diagnostic-language-server tracking bugs for this issue:

Affects: fedora-all [bug 2280623]


Created nodejs-nodemon tracking bugs for this issue:

Affects: fedora-all [bug 2280624]


Created onnxruntime tracking bugs for this issue:

Affects: fedora-all [bug 2280625]


Created pgadmin4 tracking bugs for this issue:

Affects: fedora-all [bug 2280626]


Created phpMyAdmin tracking bugs for this issue:

Affects: fedora-all [bug 2280627]


Created qt6-qtwebengine tracking bugs for this issue:

Affects: fedora-all [bug 2280628]


Created rstudio tracking bugs for this issue:

Affects: fedora-all [bug 2280629]


Created seamonkey tracking bugs for this issue:

Affects: epel-all [bug 2280613]
Affects: fedora-all [bug 2280630]


Created yarnpkg tracking bugs for this issue:

Affects: epel-all [bug 2280614]
Affects: fedora-all [bug 2280631]

Comment 11 Dan Yocum 2024-08-28 19:41:02 UTC
bugzilla--  :(

Comment 13 errata-xmlrpc 2024-09-26 03:47:17 UTC
This issue has been addressed in the following products:

  Red Hat Migration Toolkit for Containers 1.8

Via RHSA-2024:7164 https://access.redhat.com/errata/RHSA-2024:7164

Comment 14 errata-xmlrpc 2024-10-14 17:59:20 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2024:8077 https://access.redhat.com/errata/RHSA-2024:8077

Comment 15 errata-xmlrpc 2024-10-14 17:59:58 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2024:8076 https://access.redhat.com/errata/RHSA-2024:8076

Comment 16 errata-xmlrpc 2024-10-14 18:00:45 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2024:8075 https://access.redhat.com/errata/RHSA-2024:8075

Comment 17 errata-xmlrpc 2024-10-14 18:07:21 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:8080 https://access.redhat.com/errata/RHSA-2024:8080

Comment 18 Borja Tarraso 2024-11-08 15:33:10 UTC
This issue has been solved in RHACM 2.10.4 via this public advisory https://access.redhat.com/errata/RHSA-2024:4464

Comment 19 Borja Tarraso 2024-11-08 15:35:27 UTC
This issue has been solved in RHACM 2.9.4 via this public advisory https://access.redhat.com/errata/RHBA-2024:3593

Comment 20 Borja Tarraso 2024-11-08 15:52:00 UTC
This issue has been solved in MCE 2.5.3 via this public advisory https://access.redhat.com/errata/RHBA-2024:2862

Comment 21 Borja Tarraso 2024-11-08 16:06:21 UTC
This issue has been solved in MCE 2.4.5 via this public advisory https://access.redhat.com/errata/RHBA-2024:3555

Comment 22 errata-xmlrpc 2024-12-12 20:00:29 UTC
This issue has been addressed in the following products:

  HawtIO 4.0.0 for Red Hat build of Apache Camel 4

Via RHSA-2024:11023 https://access.redhat.com/errata/RHSA-2024:11023

