Vulnerabilities > CVE-2020-10531 - Integer Overflow or Wraparound vulnerability in multiple products

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

Vulnerable Configurations

Part Description Count
Application
Icu-Project
105
Application
Google
5608
Application
Oracle
2
Application
Nodejs
32
OS
Redhat
3
OS
Fedoraproject
3
OS
Debian
3
OS
Canonical
5
OS
Opensuse
1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-39E0B8BD14.NASL
    descriptionUpdate to 80.0.3987.149. Upstream says it fixes
    last seen2020-05-31
    modified2020-03-30
    plugin id134990
    published2020-03-30
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134990
    titleFedora 30 : chromium (2020-39e0b8bd14)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2020-39e0b8bd14.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134990);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/29");
    
      script_cve_id("CVE-2019-20446", "CVE-2019-20503", "CVE-2020-10531", "CVE-2020-6378", "CVE-2020-6379", "CVE-2020-6380", "CVE-2020-6381", "CVE-2020-6382", "CVE-2020-6383", "CVE-2020-6384", "CVE-2020-6385", "CVE-2020-6386", "CVE-2020-6387", "CVE-2020-6388", "CVE-2020-6389", "CVE-2020-6390", "CVE-2020-6391", "CVE-2020-6392", "CVE-2020-6393", "CVE-2020-6394", "CVE-2020-6395", "CVE-2020-6396", "CVE-2020-6397", "CVE-2020-6398", "CVE-2020-6399", "CVE-2020-6400", "CVE-2020-6401", "CVE-2020-6402", "CVE-2020-6403", "CVE-2020-6404", "CVE-2020-6405", "CVE-2020-6406", "CVE-2020-6407", "CVE-2020-6408", "CVE-2020-6409", "CVE-2020-6410", "CVE-2020-6411", "CVE-2020-6412", "CVE-2020-6413", "CVE-2020-6414", "CVE-2020-6415", "CVE-2020-6416", "CVE-2020-6417", "CVE-2020-6418", "CVE-2020-6420", "CVE-2020-6422", "CVE-2020-6424", "CVE-2020-6425", "CVE-2020-6426", "CVE-2020-6427", "CVE-2020-6428", "CVE-2020-6429", "CVE-2020-6449");
      script_xref(name:"FEDORA", value:"2020-39e0b8bd14");
    
      script_name(english:"Fedora 30 : chromium (2020-39e0b8bd14)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "Update to 80.0.3987.149. Upstream says it fixes '13' security issues,
    but only lists these CVEs :
    
      - CVE-2020-6422: Use after free in WebGL
    
      - CVE-2020-6424: Use after free in media
    
      - CVE-2020-6425: Insufficient policy enforcement in
        extensions. 
    
      - CVE-2020-6426: Inappropriate implementation in V8
    
      - CVE-2020-6427: Use after free in audio
    
      - CVE-2020-6428: Use after free in audio
    
      - CVE-2020-6429: Use after free in audio.
    
      - CVE-2019-20503: Out of bounds read in usersctplib.
    
      - CVE-2020-6449: Use after free in audio
    
    ----
    
    Update to 80.0.3987.132. Lots of security fixes here. VAAPI re-enabled
    by default except on NVIDIA.
    
    List of CVEs fixed (since last update) :
    
      - CVE-2019-20446
    
      - CVE-2020-6381 
    
      - CVE-2020-6382 
    
      - CVE-2020-6383 
    
      - CVE-2020-6384
    
      - CVE-2020-6385 
    
      - CVE-2020-6386
    
      - CVE-2020-6387 
    
      - CVE-2020-6388
    
      - CVE-2020-6389
    
      - CVE-2020-6390 
    
      - CVE-2020-6391
    
      - CVE-2020-6392 
    
      - CVE-2020-6393
    
      - CVE-2020-6394
    
      - CVE-2020-6395
    
      - CVE-2020-6396 
    
      - CVE-2020-6397 
    
      - CVE-2020-6398
    
      - CVE-2020-6399 
    
      - CVE-2020-6400 
    
      - CVE-2020-6401 
    
      - CVE-2020-6402 
    
      - CVE-2020-6403 
    
      - CVE-2020-6404 
    
      - CVE-2020-6405 
    
      - CVE-2020-6406 
    
      - CVE-2020-6407
    
      - CVE-2020-6408 
    
      - CVE-2020-6409 
    
      - CVE-2020-6410 
    
      - CVE-2020-6411 
    
      - CVE-2020-6412 
    
      - CVE-2020-6413 
    
      - CVE-2020-6414 
    
      - CVE-2020-6415 
    
      - CVE-2020-6416 
    
      - CVE-2020-6417
    
      - CVE-2020-6418
    
      - CVE-2020-6420 
    
    ----
    
    Update to 79.0.3945.130. Fixes the following security issues :
    
      - CVE-2020-6378
    
      - CVE-2020-6379
    
      - CVE-2020-6380
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-39e0b8bd14"
      );
      script_set_attribute(
        attribute:"solution",
        value:"Update the affected chromium package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Google Chrome 80 JSCreate side-effect type confusion exploit');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chromium");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:30");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/30");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^30([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 30", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC30", reference:"chromium-80.0.3987.149-1.fc30", allowmaj:TRUE)) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "chromium");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20200318_ICU_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531)
    last seen2020-03-24
    modified2020-03-19
    plugin id134692
    published2020-03-19
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134692
    titleScientific Linux Security Update : icu on SL6.x i386/x86_64 (20200318)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134692);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/23");
    
      script_cve_id("CVE-2020-10531");
    
      script_name(english:"Scientific Linux Security Update : icu on SL6.x i386/x86_64 (20200318)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security Fix(es) :
    
      - ICU: Integer overflow in UnicodeString::doAppend()
        (CVE-2020-10531)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2003&L=SCIENTIFIC-LINUX-ERRATA&P=12624
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?248d232a"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:icu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:icu-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libicu");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libicu-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libicu-doc");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/12");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/19");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL6", reference:"icu-4.2.1-15.el6_10")) flag++;
    if (rpm_check(release:"SL6", reference:"icu-debuginfo-4.2.1-15.el6_10")) flag++;
    if (rpm_check(release:"SL6", reference:"libicu-4.2.1-15.el6_10")) flag++;
    if (rpm_check(release:"SL6", reference:"libicu-devel-4.2.1-15.el6_10")) flag++;
    if (rpm_check(release:"SL6", reference:"libicu-doc-4.2.1-15.el6_10")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "icu / icu-debuginfo / libicu / libicu-devel / libicu-doc");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4646.NASL
    descriptionAndre Bargull discovered an integer overflow in the International Components for Unicode (ICU) library which could result in denial of service and potentially the execution of arbitrary code.
    last seen2020-03-30
    modified2020-03-26
    plugin id134917
    published2020-03-26
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134917
    titleDebian DSA-4646-1 : icu - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4646. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(134917);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30");
    
      script_cve_id("CVE-2020-10531");
      script_xref(name:"DSA", value:"4646");
    
      script_name(english:"Debian DSA-4646-1 : icu - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Andre Bargull discovered an integer overflow in the International
    Components for Unicode (ICU) library which could result in denial of
    service and potentially the execution of arbitrary code."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/icu"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/icu"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/buster/icu"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2020/dsa-4646"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the icu packages.
    
    For the oldstable distribution (stretch), this problem has been fixed
    in version 57.1-6+deb9u4.
    
    For the stable distribution (buster), this problem has been fixed in
    version 63.1-6+deb10u1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:icu");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/12");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/03/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"10.0", prefix:"icu-devtools", reference:"63.1-6+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"icu-doc", reference:"63.1-6+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libicu-dev", reference:"63.1-6+deb10u1")) flag++;
    if (deb_check(release:"10.0", prefix:"libicu63", reference:"63.1-6+deb10u1")) flag++;
    if (deb_check(release:"9.0", prefix:"icu-devtools", reference:"57.1-6+deb9u4")) flag++;
    if (deb_check(release:"9.0", prefix:"icu-devtools-dbg", reference:"57.1-6+deb9u4")) flag++;
    if (deb_check(release:"9.0", prefix:"icu-doc", reference:"57.1-6+deb9u4")) flag++;
    if (deb_check(release:"9.0", prefix:"libicu-dev", reference:"57.1-6+deb9u4")) flag++;
    if (deb_check(release:"9.0", prefix:"libicu57", reference:"57.1-6+deb9u4")) flag++;
    if (deb_check(release:"9.0", prefix:"libicu57-dbg", reference:"57.1-6+deb9u4")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1343.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1343 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-05-21
    modified2020-04-07
    plugin id135272
    published2020-04-07
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135272
    titleRHEL 8 : nodejs:10 (RHSA-2020:1343)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2020:1343. The text
    # itself is copyright (C) Red Hat, Inc.
    #
    
    
    include('compat.inc');
    
    if (description)
    {
      script_id(135272);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/20");
    
      script_cve_id("CVE-2020-10531");
      script_xref(name:"RHSA", value:"2020:1343");
    
      script_name(english:"RHEL 8 : nodejs:10 (RHSA-2020:1343)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Red Hat host is missing a security update.");
      script_set_attribute(attribute:"description", value:
    "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in
    the RHSA-2020:1343 advisory.
    
      - ICU: Integer overflow in UnicodeString::doAppend()
        (CVE-2020-10531)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/190.html");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1343");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-10531");
      script_set_attribute(attribute:"solution", value:
    "Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-10531");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_cwe_id(190);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/12");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/04/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/07");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_e4s:8.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_e4s:8.0::appstream");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8.0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-packaging");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:npm");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Red Hat Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include('audit.inc');
    include('global_settings.inc');
    include('misc_func.inc');
    include('rpm.inc');
    
    if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item('Host/RedHat/release');
    if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
    os_ver = os_ver[1];
    if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
    
    if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item('Host/cpu');
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
    
    module_ver = get_kb_item('Host/RedHat/appstream/nodejs');
    if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');
    if ('10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver);
    
    appstreams = {
        'nodejs:10': [
          {'reference':'nodejs-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-debugsource-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-debugsource-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-debugsource-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-devel-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-devel-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-devel-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-docs-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'release':'8', 'epoch':'1'},
          {'reference':'nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed', 'release':'8'},
          {'reference':'nodejs-packaging-17-3.module+el8+2873+aa7dfd9a', 'release':'8'},
          {'reference':'npm-6.13.4-1.10.19.0.2.module+el8.0.0+6119+7cbe4838', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
          {'reference':'npm-6.13.4-1.10.19.0.2.module+el8.0.0+6119+7cbe4838', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
          {'reference':'npm-6.13.4-1.10.19.0.2.module+el8.0.0+6119+7cbe4838', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}
        ],
    };
    
    flag = 0;
    appstreams_found = 0;
    foreach module (keys(appstreams)) {
      appstream = NULL;
      appstream_name = NULL;
      appstream_version = NULL;
      appstream_split = split(module, sep:':', keep:FALSE);
      if (!empty_or_null(appstream_split)) {
        appstream_name = appstream_split[0];
        appstream_version = appstream_split[1];
        appstream = get_kb_item('Host/RedHat/appstream/' + appstream_name);
      }
      if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
        appstreams_found++;
        foreach package_array ( appstreams[module] ) {
          reference = NULL;
          release = NULL;
          sp = NULL;
          cpu = NULL;
          el_string = NULL;
          rpm_spec_vers_cmp = NULL;
          epoch = NULL;
          if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
          if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];
          if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
          if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
          if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
          if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
          if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
          if (reference && release) {
            if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
          }
        }
      }
    }
    
    if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10');
    
    if (flag)
    {
      security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-debugsource / nodejs-devel / etc');
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1602.NASL
    descriptionAccording to the version of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.(CVE-2020-10531) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-06
    modified2020-06-02
    plugin id137020
    published2020-06-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137020
    titleEulerOS 2.0 SP5 : icu (EulerOS-SA-2020-1602)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-2151.NASL
    descriptionIt was discovered that an integer overflow in the International Components for Unicode (ICU) library could result in denial of service and potentially the execution of arbitrary code. For Debian 8
    last seen2020-03-26
    modified2020-03-23
    plugin id134768
    published2020-03-23
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134768
    titleDebian DLA-2151-1 : icu security update
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-202003-15.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-202003-15 (ICU: Integer overflow) It was discovered that ICU&rsquo;s UnicodeString::doAppend() function is vulnerable to an integer overflow. Please review the CVE identifiers referenced below for more details. Impact : A remote attacker could entice a user to process a specially crafted string in an application linked against ICU, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-03-21
    modified2020-03-16
    plugin id134592
    published2020-03-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134592
    titleGLSA-202003-15 : ICU: Integer overflow
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-1180-1.NASL
    descriptionThis update for icu fixes the following issues : CVE-2020-10531: Fixed integer overflow in UnicodeString:doAppend() (bsc#1166844). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-15
    modified2020-05-11
    plugin id136465
    published2020-05-11
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136465
    titleSUSE SLES12 Security Update : icu (SUSE-SU-2020:1180-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1568.NASL
    descriptionAccording to the versions of the icu package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.(CVE-2017-15422) - An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.(CVE-2020-10531) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2020-05-01
    plugin id136271
    published2020-05-01
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136271
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : icu (EulerOS-SA-2020-1568)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4305-1.NASL
    descriptionAndre Bargull discovered that ICU incorrectly handled certain strings. An attacker could possibly use this issue to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-21
    modified2020-03-18
    plugin id134663
    published2020-03-18
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134663
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.10 : icu vulnerability (USN-4305-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0901.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0901 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-23
    modified2020-03-23
    plugin id134830
    published2020-03-23
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134830
    titleRHEL 8 : icu (RHSA-2020:0901)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-0896.NASL
    descriptionFrom Red Hat Security Advisory 2020:0896 : The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0896 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-03-20
    plugin id134751
    published2020-03-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134751
    titleOracle Linux 6 : icu (ELSA-2020-0896)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-1293.NASL
    descriptionFrom Red Hat Security Advisory 2020:1293 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1293 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-04-06
    plugin id135218
    published2020-04-06
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135218
    titleOracle Linux 8 : nodejs:12 (ELSA-2020-1293)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0897.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0897 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-23
    modified2020-03-23
    plugin id134833
    published2020-03-23
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134833
    titleRHEL 7 : icu (RHSA-2020:0897)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2020-0897.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0897 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-03-26
    plugin id134909
    published2020-03-26
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134909
    titleCentOS 7 : icu (CESA-2020:0897)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0896.NASL
    descriptionThe remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0896 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-23
    modified2020-03-23
    plugin id134834
    published2020-03-23
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134834
    titleRHEL 6 : icu (RHSA-2020:0896)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2020-0896.NASL
    descriptionThe remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0896 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-03-26
    plugin id134908
    published2020-03-26
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134908
    titleCentOS 6 : icu (CESA-2020:0896)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1293.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1293 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-05-21
    modified2020-04-02
    plugin id135174
    published2020-04-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135174
    titleRHEL 8 : nodejs:12 (RHSA-2020:1293)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1317.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1317 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-05-21
    modified2020-04-07
    plugin id135259
    published2020-04-07
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135259
    titleRHEL 8 : nodejs:10 (RHSA-2020:1317)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-0897.NASL
    descriptionFrom Red Hat Security Advisory 2020:0897 : The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0897 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-03-19
    plugin id134691
    published2020-03-19
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134691
    titleOracle Linux 7 : icu (ELSA-2020-0897)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0738.NASL
    descriptionAn update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Chromium is an open source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 80.0.3987.122. Security Fix(es) : * ICU: Integer overflow in UnicodeString::doAppend() (BZ#1807349) * chromium-browser: Type confusion in V8 (CVE-2020-6383) * chromium-browser: Use after free in WebAudio (CVE-2020-6384) * chromium-browser: Use after free in speech (CVE-2020-6386) * chromium-browser: Out of bounds memory access in streams (CVE-2020-6407) * chromium-browser: Type confusion in V8 (CVE-2020-6418) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-02
    modified2020-03-10
    plugin id134360
    published2020-03-10
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134360
    titleRHEL 6 : chromium-browser (RHSA-2020:0738)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1506.NASL
    descriptionAccording to the version of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.(CVE-2020-10531) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-03
    modified2020-04-20
    plugin id135739
    published2020-04-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135739
    titleEulerOS 2.0 SP8 : icu (EulerOS-SA-2020-1506)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20200318_ICU_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531)
    last seen2020-03-24
    modified2020-03-19
    plugin id134693
    published2020-03-19
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134693
    titleScientific Linux Security Update : icu on SL7.x x86_64 (20200318)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2020-1418.NASL
    descriptionAn issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. (CVE-2020-10531)
    last seen2020-05-12
    modified2020-05-07
    plugin id136362
    published2020-05-07
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136362
    titleAmazon Linux 2 : icu (ALAS-2020-1418)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_11FCFA8FAC6411EA9DAB000D3AB229D6.NASL
    descriptionNode.js reports : Updates are now available for all supported Node.js release lines for the following issues. TLS session reuse can lead to host certificate verification bypass (High) (CVE-2020-8172) The
    last seen2020-06-13
    modified2020-06-12
    plugin id137382
    published2020-06-12
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137382
    titleFreeBSD : Node.js -- June 2020 Security Releases (11fcfa8f-ac64-11ea-9dab-000d3ab229d6)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-F6271D7AFA.NASL
    descriptionUpdate to 80.0.3987.132. Lots of security fixes here. VAAPI re-enabled by default except on NVIDIA. List of CVEs fixed (since last update) : - CVE-2019-20446 - CVE-2020-6381 - CVE-2020-6382 - CVE-2020-6383 - CVE-2020-6384 - CVE-2020-6385 - CVE-2020-6386 - CVE-2020-6387 - CVE-2020-6388 - CVE-2020-6389 - CVE-2020-6390 - CVE-2020-6391 - CVE-2020-6392 - CVE-2020-6393 - CVE-2020-6394 - CVE-2020-6395 - CVE-2020-6396 - CVE-2020-6397 - CVE-2020-6398 - CVE-2020-6399 - CVE-2020-6400 - CVE-2020-6401 - CVE-2020-6402 - CVE-2020-6403 - CVE-2020-6404 - CVE-2020-6405 - CVE-2020-6406 - CVE-2020-6407 - CVE-2020-6408 - CVE-2020-6409 - CVE-2020-6410 - CVE-2020-6411 - CVE-2020-6412 - CVE-2020-6413 - CVE-2020-6414 - CVE-2020-6415 - CVE-2020-6416 - CVE-2020-6417 - CVE-2020-6418 - CVE-2020-6420 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-03-20
    plugin id134718
    published2020-03-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134718
    titleFedora 31 : chromium (2020-f6271d7afa)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-459.NASL
    descriptionThis update for icu fixes the following issues : - CVE-2020-10531: Fixed a potential integer overflow in UnicodeString:doAppend (bsc#1166844). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-04-10
    modified2020-04-06
    plugin id135222
    published2020-04-06
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135222
    titleopenSUSE Security Update : icu (openSUSE-2020-459)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0819-1.NASL
    descriptionThis update for icu fixes the following issues : CVE-2020-10531: Fixed a potential integer overflow in UnicodeString:doAppend (bsc#1166844). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-04-07
    modified2020-04-02
    plugin id135164
    published2020-04-02
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135164
    titleSUSE SLED15 / SLES15 Security Update : icu (SUSE-SU-2020:0819-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2020-1361.NASL
    descriptionAn issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. (CVE-2020-10531)
    last seen2020-04-30
    modified2020-04-24
    plugin id135937
    published2020-04-24
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135937
    titleAmazon Linux AMI : icu (ALAS-2020-1361)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0902.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0902 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-23
    modified2020-03-23
    plugin id134828
    published2020-03-23
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134828
    titleRHEL 8 : icu (RHSA-2020:0902)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-1317.NASL
    descriptionFrom Red Hat Security Advisory 2020:1317 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1317 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-04-16
    plugin id135663
    published2020-04-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135663
    titleOracle Linux 8 : nodejs:10 (ELSA-2020-1317)

Redhat

advisories
  • bugzilla
    id1807349
    titleCVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend()
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentlibicu is earlier than 0:4.2.1-15.el6_10
            ovaloval:com.redhat.rhsa:tst:20200896001
          • commentlibicu is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815011
        • AND
          • commentlibicu-doc is earlier than 0:4.2.1-15.el6_10
            ovaloval:com.redhat.rhsa:tst:20200896003
          • commentlibicu-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815013
        • AND
          • commentlibicu-devel is earlier than 0:4.2.1-15.el6_10
            ovaloval:com.redhat.rhsa:tst:20200896005
          • commentlibicu-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815017
        • AND
          • commenticu is earlier than 0:4.2.1-15.el6_10
            ovaloval:com.redhat.rhsa:tst:20200896007
          • commenticu is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815015
    rhsa
    idRHSA-2020:0896
    released2020-03-18
    severityImportant
    titleRHSA-2020:0896: icu security update (Important)
  • bugzilla
    id1807349
    titleCVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend()
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentlibicu-doc is earlier than 0:50.2-4.el7_7
            ovaloval:com.redhat.rhsa:tst:20200897001
          • commentlibicu-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815013
        • AND
          • commenticu is earlier than 0:50.2-4.el7_7
            ovaloval:com.redhat.rhsa:tst:20200897003
          • commenticu is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815015
        • AND
          • commentlibicu-devel is earlier than 0:50.2-4.el7_7
            ovaloval:com.redhat.rhsa:tst:20200897005
          • commentlibicu-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815017
        • AND
          • commentlibicu is earlier than 0:50.2-4.el7_7
            ovaloval:com.redhat.rhsa:tst:20200897007
          • commentlibicu is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815011
    rhsa
    idRHSA-2020:0897
    released2020-03-18
    severityImportant
    titleRHSA-2020:0897: icu security update (Important)
  • bugzilla
    id1807349
    titleCVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend()
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • commentlibicu-doc is earlier than 0:60.3-2.el8_1
            ovaloval:com.redhat.rhsa:tst:20200902001
          • commentlibicu-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815013
        • AND
          • commenticu-debugsource is earlier than 0:60.3-2.el8_1
            ovaloval:com.redhat.rhsa:tst:20200902003
          • commenticu-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20200902004
        • AND
          • commentlibicu-devel is earlier than 0:60.3-2.el8_1
            ovaloval:com.redhat.rhsa:tst:20200902005
          • commentlibicu-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815017
        • AND
          • commentlibicu is earlier than 0:60.3-2.el8_1
            ovaloval:com.redhat.rhsa:tst:20200902007
          • commentlibicu is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815011
        • AND
          • commenticu is earlier than 0:60.3-2.el8_1
            ovaloval:com.redhat.rhsa:tst:20200902009
          • commenticu is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111815015
    rhsa
    idRHSA-2020:0902
    released2020-03-19
    severityImportant
    titleRHSA-2020:0902: icu security update (Important)
  • bugzilla
    id1807349
    titleCVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend()
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • commentModule nodejs:12 is enabled
        ovaloval:com.redhat.rhea:tst:20200330015
      • OR
        • AND
          • commentnpm is earlier than 1:6.13.4-1.12.16.1.2.module+el8.1.0+6117+b25a342c
            ovaloval:com.redhat.rhsa:tst:20201293001
          • commentnpm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330002
        • AND
          • commentnodejs-devel is earlier than 1:12.16.1-2.module+el8.1.0+6117+b25a342c
            ovaloval:com.redhat.rhsa:tst:20201293003
          • commentnodejs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330004
        • AND
          • commentnodejs-debugsource is earlier than 1:12.16.1-2.module+el8.1.0+6117+b25a342c
            ovaloval:com.redhat.rhsa:tst:20201293005
          • commentnodejs-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330006
        • AND
          • commentnodejs is earlier than 1:12.16.1-2.module+el8.1.0+6117+b25a342c
            ovaloval:com.redhat.rhsa:tst:20201293007
          • commentnodejs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330008
        • AND
          • commentnodejs-packaging is earlier than 0:17-3.module+el8.1.0+3369+37ae6a45
            ovaloval:com.redhat.rhea:tst:20200330009
          • commentnodejs-packaging is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330010
        • AND
          • commentnodejs-nodemon is earlier than 0:1.18.3-1.module+el8.1.0+3369+37ae6a45
            ovaloval:com.redhat.rhea:tst:20200330011
          • commentnodejs-nodemon is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330012
        • AND
          • commentnodejs-docs is earlier than 1:12.16.1-2.module+el8.1.0+6117+b25a342c
            ovaloval:com.redhat.rhsa:tst:20201293013
          • commentnodejs-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330014
    rhsa
    idRHSA-2020:1293
    released2020-04-02
    severityImportant
    titleRHSA-2020:1293: nodejs:12 security update (Important)
  • bugzilla
    id1807349
    titleCVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend()
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • commentModule nodejs:10 is enabled
        ovaloval:com.redhat.rhsa:tst:20192925015
      • OR
        • AND
          • commentnpm is earlier than 1:6.13.4-1.10.19.0.2.module+el8.1.0+6118+5aaa808b
            ovaloval:com.redhat.rhsa:tst:20201317001
          • commentnpm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330002
        • AND
          • commentnodejs-devel is earlier than 1:10.19.0-2.module+el8.1.0+6118+5aaa808b
            ovaloval:com.redhat.rhsa:tst:20201317003
          • commentnodejs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330004
        • AND
          • commentnodejs-debugsource is earlier than 1:10.19.0-2.module+el8.1.0+6118+5aaa808b
            ovaloval:com.redhat.rhsa:tst:20201317005
          • commentnodejs-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330006
        • AND
          • commentnodejs is earlier than 1:10.19.0-2.module+el8.1.0+6118+5aaa808b
            ovaloval:com.redhat.rhsa:tst:20201317007
          • commentnodejs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330008
        • AND
          • commentnodejs-packaging is earlier than 0:17-3.module+el8+2873+aa7dfd9a
            ovaloval:com.redhat.rhsa:tst:20192925009
          • commentnodejs-packaging is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330010
        • AND
          • commentnodejs-nodemon is earlier than 0:1.18.3-1.module+el8+2632+6c5111ed
            ovaloval:com.redhat.rhsa:tst:20192925011
          • commentnodejs-nodemon is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330012
        • AND
          • commentnodejs-docs is earlier than 1:10.19.0-2.module+el8.1.0+6118+5aaa808b
            ovaloval:com.redhat.rhsa:tst:20201317013
          • commentnodejs-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhea:tst:20200330014
    rhsa
    idRHSA-2020:1317
    released2020-04-06
    severityImportant
    titleRHSA-2020:1317: nodejs:10 security update (Important)
  • rhsa
    idRHSA-2020:0738
rpms
  • chromium-browser-0:80.0.3987.122-1.el6_10
  • chromium-browser-debuginfo-0:80.0.3987.122-1.el6_10
  • icu-0:4.2.1-15.el6_10
  • icu-debuginfo-0:4.2.1-15.el6_10
  • libicu-0:4.2.1-15.el6_10
  • libicu-devel-0:4.2.1-15.el6_10
  • libicu-doc-0:4.2.1-15.el6_10
  • icu-0:50.2-4.el7_7
  • icu-debuginfo-0:50.2-4.el7_7
  • libicu-0:50.2-4.el7_7
  • libicu-devel-0:50.2-4.el7_7
  • libicu-doc-0:50.2-4.el7_7
  • icu-0:60.3-2.el8_0
  • icu-debuginfo-0:60.3-2.el8_0
  • icu-debugsource-0:60.3-2.el8_0
  • libicu-0:60.3-2.el8_0
  • libicu-debuginfo-0:60.3-2.el8_0
  • libicu-devel-0:60.3-2.el8_0
  • libicu-devel-debuginfo-0:60.3-2.el8_0
  • libicu-doc-0:60.3-2.el8_0
  • icu-0:60.3-2.el8_1
  • icu-debuginfo-0:60.3-2.el8_1
  • icu-debugsource-0:60.3-2.el8_1
  • libicu-0:60.3-2.el8_1
  • libicu-debuginfo-0:60.3-2.el8_1
  • libicu-devel-0:60.3-2.el8_1
  • libicu-devel-debuginfo-0:60.3-2.el8_1
  • libicu-doc-0:60.3-2.el8_1
  • nodejs-1:12.16.1-2.module+el8.1.0+6117+b25a342c
  • nodejs-debuginfo-1:12.16.1-2.module+el8.1.0+6117+b25a342c
  • nodejs-debugsource-1:12.16.1-2.module+el8.1.0+6117+b25a342c
  • nodejs-devel-1:12.16.1-2.module+el8.1.0+6117+b25a342c
  • nodejs-docs-1:12.16.1-2.module+el8.1.0+6117+b25a342c
  • nodejs-nodemon-0:1.18.3-1.module+el8.1.0+3369+37ae6a45
  • nodejs-packaging-0:17-3.module+el8.1.0+3369+37ae6a45
  • npm-1:6.13.4-1.12.16.1.2.module+el8.1.0+6117+b25a342c
  • nodejs-1:10.19.0-2.module+el8.1.0+6118+5aaa808b
  • nodejs-debuginfo-1:10.19.0-2.module+el8.1.0+6118+5aaa808b
  • nodejs-debugsource-1:10.19.0-2.module+el8.1.0+6118+5aaa808b
  • nodejs-devel-1:10.19.0-2.module+el8.1.0+6118+5aaa808b
  • nodejs-devel-debuginfo-1:10.19.0-2.module+el8.1.0+6118+5aaa808b
  • nodejs-docs-1:10.19.0-2.module+el8.1.0+6118+5aaa808b
  • nodejs-nodemon-0:1.18.3-1.module+el8+2632+6c5111ed
  • nodejs-packaging-0:17-3.module+el8+2873+aa7dfd9a
  • npm-1:6.13.4-1.10.19.0.2.module+el8.1.0+6118+5aaa808b
  • nodejs-1:10.19.0-2.module+el8.0.0+6119+7cbe4838
  • nodejs-debuginfo-1:10.19.0-2.module+el8.0.0+6119+7cbe4838
  • nodejs-debugsource-1:10.19.0-2.module+el8.0.0+6119+7cbe4838
  • nodejs-devel-1:10.19.0-2.module+el8.0.0+6119+7cbe4838
  • nodejs-devel-debuginfo-1:10.19.0-2.module+el8.0.0+6119+7cbe4838
  • nodejs-docs-1:10.19.0-2.module+el8.0.0+6119+7cbe4838
  • nodejs-nodemon-0:1.18.3-1.module+el8+2632+6c5111ed
  • nodejs-packaging-0:17-3.module+el8+2873+aa7dfd9a
  • npm-1:6.13.4-1.10.19.0.2.module+el8.0.0+6119+7cbe4838

References