Bug 2043535 (CVE-2022-0144) - CVE-2022-0144 nodejs-shelljs: improper privilege management
Summary: CVE-2022-0144 nodejs-shelljs: improper privilege management
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-0144
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2043536 2044445 2048436 2048437 2048438 2065487 2065497
Blocks: 2043537
TreeView+ depends on / blocked
 
Reported: 2022-01-21 13:31 UTC by Guilherme de Almeida Suckevicz
Modified: 2022-05-31 12:53 UTC (History)
12 users (show)

Fixed In Version: shelljs 0.8
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the ShellJS library when the scripts used the exec function. Local users on the filesystem could take advantage of this as they can read the stdout of the ShellJS process. This issue discloses sensitive information, leading to privilege escalation. This flaw allows an attacker to craft stdout files, which leads to crashing the ShellJS scripts running with privileges.
Clone Of:
Environment:
Last Closed: 2022-04-21 05:31:01 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:1083 0 None None None 2022-03-28 19:36:31 UTC
Red Hat Product Errata RHSA-2022:1476 0 None None None 2022-04-20 23:46:06 UTC

Description Guilherme de Almeida Suckevicz 2022-01-21 13:31:59 UTC
shelljs is vulnerable to improper pPrivilege management.

Reference:
https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c

Upstream patch:
https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c

Comment 1 Guilherme de Almeida Suckevicz 2022-01-21 13:32:39 UTC
Created nodejs-shelljs tracking bugs for this issue:

Affects: epel-7 [bug 2043536]

Comment 2 juneau 2022-01-24 16:06:20 UTC
Marking services-rhcert affected/delegated. Affected code present in manifest, but use of affected function not found in cursory review of source.

Comment 5 errata-xmlrpc 2022-03-28 19:36:29 UTC
This issue has been addressed in the following products:

  Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7
  Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8

Via RHSA-2022:1083 https://access.redhat.com/errata/RHSA-2022:1083

Comment 6 errata-xmlrpc 2022-04-20 23:46:04 UTC
This issue has been addressed in the following products:

  Red Hat Advanced Cluster Management for Kubernetes 2.4 for RHEL 8

Via RHSA-2022:1476 https://access.redhat.com/errata/RHSA-2022:1476

Comment 7 Product Security DevOps Team 2022-04-21 05:30:59 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-0144


Note You need to log in before you can comment on or make changes to this bug.