1591013 – (CVE-2018-7161) CVE-2018-7161 nodejs: denial of service (DoS) by causing a node server providing an http2 server to crash

Bug 1591013 (CVE-2018-7161) - CVE-2018-7161 nodejs: denial of service (DoS) by causing a node server providing an http2 server to crash

Summary: CVE-2018-7161 nodejs: denial of service (DoS) by causing a node server provid...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2018-7161
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1591014 1591015 1591016 1596529
Blocks:	1591010
TreeView+	depends on / blocked

Reported:	2018-06-13 22:16 UTC by Laura Pardo
Modified:	2021-01-15 12:25 UTC (History)
CC List:	37 users (show)
Fixed In Version:	nodejs 10.4.1, nodejs 9.11.2, nodejs 8.11.3
Clone Of:
Environment:
Last Closed:	2021-01-15 12:25:18 UTC
Embargoed:

Attachments	(Terms of Use)

Description Laura Pardo 2018-06-13 22:16:00 UTC

A flaw was found in all versions of Node.js 8.x, 9.x, and 10.x. An attacker can cause a denial of service (DoS) by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug where objects are used in native code after they are no longer available.


References:
https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/

Comment 1 Laura Pardo 2018-06-13 22:16:52 UTC

Created nodejs tracking bugs for this issue:

Affects: epel-all [bug 1591015]
Affects: fedora-all [bug 1591014]

Comment 4 Cedric Buissart 2018-06-28 15:04:18 UTC

Upstream fix:
https://github.com/nodejs/node/commit/8bf213dbdc7e

Comment 5 Jason Shepherd 2018-06-29 07:20:41 UTC

RHOAR NodeJS 10.4.1, has already been released with a fix for this issue.

Comment 10 Jason Shepherd 2018-09-04 04:06:10 UTC

This issue doesn't affect NodeJS 6, or 0.10 used by openshift-enterprise-10/logging-kibana and logging-auth-proxy respectively.

Comment 11 Cedric Buissart 2018-11-08 15:19:10 UTC

This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2018:2949 https://access.redhat.com/errata/RHSA-2018:2949

Note You need to log in before you can comment on or make changes to this bug.

ahardin
athmanem
avibelli
bgeorges
bleanhar
cbuissar
ccoleman
cmacedo
dbeveniu
dedgar
dffrench
drusso
hesilva
hhorak
jbalunas
jgoulding
jmadigan
jokerman
jorton
jpallich
jshepherd
krathod
lgriffin
lthon
mchappel
mrunge
mszynkie
ngough
nodejs-sig
pgallagh
pwright
rruss
sgallagh
tchollingsworth
thrcka
trepel
zsvetlik