On Linux, Node.js ignores certain environment variables that may have been set by an unprivileged user when the process is running with elevated privileges (setuid, or Linux capabilities on the binary). The only exception is a process whose sole capability is CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applied it even when certain other capabilities were also set, so an unprivileged user who controls the process environment could inject code that inherits the process's elevated privileges. This vulnerability affects all users in all active release lines: 18.x, 20.x, and 21.x. References: https://nodejs.org/en/blog/release/v18.19.1 https://nodejs.org/en/blog/vulnerability/february-2024-security-releases/#code-injection-and-privilege-escalation-through-linux-capabilities-cve-2024-21892---high
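Worked example, added here and not taken from the Node.js project or the advisory: a C model of the "has only CAP_NET_BIND_SERVICE" check. The advisory does not say what the implementation bug was; this models it as comparing only the 32-bit capability word that holds the requested capability (capget() reports each set as two such words), which is how I read the upstream fix and should be treated as an assumption. The capability numbers match <linux/capability.h>; the function names and layout are the example's own.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Capability numbers copied from <linux/capability.h> so this builds
 * without kernel headers. CAP_BPF (39) lives in the second 32-bit word. */
#define CAP_NET_BIND_SERVICE 10
#define CAP_SYS_ADMIN        21
#define CAP_BPF              39
#define CAP_BIT(n) (UINT64_C(1) << (n))

/* capget() hands back each capability set as two 32-bit words:
 * word 0 holds capabilities 0..31, word 1 holds 32..63. */
struct cap_words {
    uint32_t permitted[2];
};

static struct cap_words split_words(uint64_t permitted) {
    struct cap_words c;
    c.permitted[0] = (uint32_t)permitted;
    c.permitted[1] = (uint32_t)(permitted >> 32);
    return c;
}

static int cap_word(int cap) { return cap >> 5; }
static uint32_t cap_mask(int cap) { return UINT32_C(1) << (cap & 31); }

/* Flawed check (assumed model of the bug): only the word containing the
 * requested capability is compared, so a capability in the other word,
 * e.g. CAP_BPF, goes unnoticed. */
static bool has_only_flawed(uint64_t permitted, int cap) {
    struct cap_words c = split_words(permitted);
    return c.permitted[cap_word(cap)] == cap_mask(cap);
}

/* Fixed check: the requested bit must be the only bit set in both words. */
static bool has_only_fixed(uint64_t permitted, int cap) {
    struct cap_words c = split_words(permitted);
    int w = cap_word(cap);
    return c.permitted[w] == cap_mask(cap) && c.permitted[1 - w] == 0;
}

/* Decision for an already-elevated process: user-controlled environment
 * variables are honoured only if CAP_NET_BIND_SERVICE is the sole capability. */
static bool env_honoured(uint64_t permitted, bool fixed) {
    return fixed ? has_only_fixed(permitted, CAP_NET_BIND_SERVICE)
                 : has_only_flawed(permitted, CAP_NET_BIND_SERVICE);
}

int main(void) {
    /* Constructed permitted sets for three hypothetical node binaries. */
    struct { const char *name; uint64_t permitted; } cases[] = {
        { "cap_net_bind_service only",   CAP_BIT(CAP_NET_BIND_SERVICE) },
        { "+ cap_sys_admin (word 0)",    CAP_BIT(CAP_NET_BIND_SERVICE) | CAP_BIT(CAP_SYS_ADMIN) },
        { "+ cap_bpf (word 1)",          CAP_BIT(CAP_NET_BIND_SERVICE) | CAP_BIT(CAP_BPF) },
    };
    for (int i = 0; i < 3; i++) {
        printf("%-28s permitted=0x%010" PRIx64 "  flawed honours env=%d  fixed honours env=%d\n",
               cases[i].name, cases[i].permitted,
               env_honoured(cases[i].permitted, false),
               env_honoured(cases[i].permitted, true));
    }
    return 0;
}
```

The third case is the interesting one: with CAP_NET_BIND_SERVICE plus a capability from the upper word, the flawed check still honours the environment while the fixed check does not. On a real host, `getcap /path/to/node` lists the file capabilities; anything beyond cap_net_bind_service on a node binary means environment variables such as NODE_OPTIONS must be ignored, and a release older than the February 2024 security releases should be assumed to get that wrong.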
Created nodejs tracking bugs for this issue: Affects: epel-all [bug 2264584] Created nodejs18 tracking bugs for this issue: Affects: fedora-all [bug 2264585] Created nodejs20 tracking bugs for this issue: Affects: fedora-all [bug 2264586]
Created nodejs16 tracking bugs for this issue: Affects: fedora-all [bug 2264810] Created nodejs:13/nodejs tracking bugs for this issue: Affects: epel-all [bug 2264808] Created nodejs:16-epel/nodejs tracking bugs for this issue: Affects: epel-all [bug 2264809] Created nodejs:16/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2264811]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:1510 https://access.redhat.com/errata/RHSA-2024:1510
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:1688 https://access.redhat.com/errata/RHSA-2024:1688
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:1687 https://access.redhat.com/errata/RHSA-2024:1687
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:1880 https://access.redhat.com/errata/RHSA-2024:1880
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:1932 https://access.redhat.com/errata/RHSA-2024:1932