Vulnerabilities > CVE-2020-10531 - Integer Overflow or Wraparound vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH network
low complexity
icu-project
redhat
google
fedoraproject
debian
canonical
opensuse
oracle
nodejs
CWE-190
nessus
Summary
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Forced Integer Overflow This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2020-39E0B8BD14.NASL description Update to 80.0.3987.149. Upstream says it fixes last seen 2020-05-31 modified 2020-03-30 plugin id 134990 published 2020-03-30 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134990 title Fedora 30 : chromium (2020-39e0b8bd14) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2020-39e0b8bd14. # include("compat.inc"); if (description) { script_id(134990); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/29"); script_cve_id("CVE-2019-20446", "CVE-2019-20503", "CVE-2020-10531", "CVE-2020-6378", "CVE-2020-6379", "CVE-2020-6380", "CVE-2020-6381", "CVE-2020-6382", "CVE-2020-6383", "CVE-2020-6384", "CVE-2020-6385", "CVE-2020-6386", "CVE-2020-6387", "CVE-2020-6388", "CVE-2020-6389", "CVE-2020-6390", "CVE-2020-6391", "CVE-2020-6392", "CVE-2020-6393", "CVE-2020-6394", "CVE-2020-6395", "CVE-2020-6396", "CVE-2020-6397", "CVE-2020-6398", "CVE-2020-6399", "CVE-2020-6400", "CVE-2020-6401", "CVE-2020-6402", "CVE-2020-6403", "CVE-2020-6404", "CVE-2020-6405", "CVE-2020-6406", "CVE-2020-6407", "CVE-2020-6408", "CVE-2020-6409", "CVE-2020-6410", "CVE-2020-6411", "CVE-2020-6412", "CVE-2020-6413", "CVE-2020-6414", "CVE-2020-6415", "CVE-2020-6416", "CVE-2020-6417", "CVE-2020-6418", "CVE-2020-6420", "CVE-2020-6422", "CVE-2020-6424", "CVE-2020-6425", "CVE-2020-6426", "CVE-2020-6427", "CVE-2020-6428", "CVE-2020-6429", "CVE-2020-6449"); script_xref(name:"FEDORA", value:"2020-39e0b8bd14"); script_name(english:"Fedora 30 : chromium (2020-39e0b8bd14)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Update to 80.0.3987.149. Upstream says it fixes '13' security issues, but only lists these CVEs : - CVE-2020-6422: Use after free in WebGL - CVE-2020-6424: Use after free in media - CVE-2020-6425: Insufficient policy enforcement in extensions. - CVE-2020-6426: Inappropriate implementation in V8 - CVE-2020-6427: Use after free in audio - CVE-2020-6428: Use after free in audio - CVE-2020-6429: Use after free in audio. - CVE-2019-20503: Out of bounds read in usersctplib. - CVE-2020-6449: Use after free in audio ---- Update to 80.0.3987.132. Lots of security fixes here. VAAPI re-enabled by default except on NVIDIA. List of CVEs fixed (since last update) : - CVE-2019-20446 - CVE-2020-6381 - CVE-2020-6382 - CVE-2020-6383 - CVE-2020-6384 - CVE-2020-6385 - CVE-2020-6386 - CVE-2020-6387 - CVE-2020-6388 - CVE-2020-6389 - CVE-2020-6390 - CVE-2020-6391 - CVE-2020-6392 - CVE-2020-6393 - CVE-2020-6394 - CVE-2020-6395 - CVE-2020-6396 - CVE-2020-6397 - CVE-2020-6398 - CVE-2020-6399 - CVE-2020-6400 - CVE-2020-6401 - CVE-2020-6402 - CVE-2020-6403 - CVE-2020-6404 - CVE-2020-6405 - CVE-2020-6406 - CVE-2020-6407 - CVE-2020-6408 - CVE-2020-6409 - CVE-2020-6410 - CVE-2020-6411 - CVE-2020-6412 - CVE-2020-6413 - CVE-2020-6414 - CVE-2020-6415 - CVE-2020-6416 - CVE-2020-6417 - CVE-2020-6418 - CVE-2020-6420 ---- Update to 79.0.3945.130. Fixes the following security issues : - CVE-2020-6378 - CVE-2020-6379 - CVE-2020-6380 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-39e0b8bd14" ); script_set_attribute( attribute:"solution", value:"Update the affected chromium package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Google Chrome 80 JSCreate side-effect type confusion exploit'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chromium"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:30"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/02"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^30([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 30", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC30", reference:"chromium-80.0.3987.149-1.fc30", allowmaj:TRUE)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "chromium"); }NASL family Scientific Linux Local Security Checks NASL id SL_20200318_ICU_ON_SL6_X.NASL description Security Fix(es) : - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) last seen 2020-03-24 modified 2020-03-19 plugin id 134692 published 2020-03-19 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134692 title Scientific Linux Security Update : icu on SL6.x i386/x86_64 (20200318) code # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(134692); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/23"); script_cve_id("CVE-2020-10531"); script_name(english:"Scientific Linux Security Update : icu on SL6.x i386/x86_64 (20200318)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Security Fix(es) : - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531)" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2003&L=SCIENTIFIC-LINUX-ERRATA&P=12624 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?248d232a" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:icu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:icu-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libicu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libicu-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libicu-doc"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/12"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/19"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL6", reference:"icu-4.2.1-15.el6_10")) flag++; if (rpm_check(release:"SL6", reference:"icu-debuginfo-4.2.1-15.el6_10")) flag++; if (rpm_check(release:"SL6", reference:"libicu-4.2.1-15.el6_10")) flag++; if (rpm_check(release:"SL6", reference:"libicu-devel-4.2.1-15.el6_10")) flag++; if (rpm_check(release:"SL6", reference:"libicu-doc-4.2.1-15.el6_10")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "icu / icu-debuginfo / libicu / libicu-devel / libicu-doc"); }NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4646.NASL description Andre Bargull discovered an integer overflow in the International Components for Unicode (ICU) library which could result in denial of service and potentially the execution of arbitrary code. last seen 2020-03-30 modified 2020-03-26 plugin id 134917 published 2020-03-26 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134917 title Debian DSA-4646-1 : icu - security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4646. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(134917); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30"); script_cve_id("CVE-2020-10531"); script_xref(name:"DSA", value:"4646"); script_name(english:"Debian DSA-4646-1 : icu - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Andre Bargull discovered an integer overflow in the International Components for Unicode (ICU) library which could result in denial of service and potentially the execution of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/icu" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/stretch/icu" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/buster/icu" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2020/dsa-4646" ); script_set_attribute( attribute:"solution", value: "Upgrade the icu packages. For the oldstable distribution (stretch), this problem has been fixed in version 57.1-6+deb9u4. For the stable distribution (buster), this problem has been fixed in version 63.1-6+deb10u1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:icu"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/12"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/26"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"10.0", prefix:"icu-devtools", reference:"63.1-6+deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"icu-doc", reference:"63.1-6+deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"libicu-dev", reference:"63.1-6+deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"libicu63", reference:"63.1-6+deb10u1")) flag++; if (deb_check(release:"9.0", prefix:"icu-devtools", reference:"57.1-6+deb9u4")) flag++; if (deb_check(release:"9.0", prefix:"icu-devtools-dbg", reference:"57.1-6+deb9u4")) flag++; if (deb_check(release:"9.0", prefix:"icu-doc", reference:"57.1-6+deb9u4")) flag++; if (deb_check(release:"9.0", prefix:"libicu-dev", reference:"57.1-6+deb9u4")) flag++; if (deb_check(release:"9.0", prefix:"libicu57", reference:"57.1-6+deb9u4")) flag++; if (deb_check(release:"9.0", prefix:"libicu57-dbg", reference:"57.1-6+deb9u4")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1343.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1343 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-21 modified 2020-04-07 plugin id 135272 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135272 title RHEL 8 : nodejs:10 (RHSA-2020:1343) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1343. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(135272); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/20"); script_cve_id("CVE-2020-10531"); script_xref(name:"RHSA", value:"2020:1343"); script_name(english:"RHEL 8 : nodejs:10 (RHSA-2020:1343)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing a security update."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1343 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/190.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1343"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-10531"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-10531"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_cwe_id(190); script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/12"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/07"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_e4s:8.0"); script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_e4s:8.0::appstream"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-nodemon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nodejs-packaging"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:npm"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); module_ver = get_kb_item('Host/RedHat/appstream/nodejs'); if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10'); if ('10' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module nodejs:' + module_ver); appstreams = { 'nodejs:10': [ {'reference':'nodejs-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-debugsource-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-debugsource-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-debugsource-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-devel-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-devel-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-devel-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-docs-10.19.0-2.module+el8.0.0+6119+7cbe4838', 'release':'8', 'epoch':'1'}, {'reference':'nodejs-nodemon-1.18.3-1.module+el8+2632+6c5111ed', 'release':'8'}, {'reference':'nodejs-packaging-17-3.module+el8+2873+aa7dfd9a', 'release':'8'}, {'reference':'npm-6.13.4-1.10.19.0.2.module+el8.0.0+6119+7cbe4838', 'cpu':'aarch64', 'release':'8', 'epoch':'1'}, {'reference':'npm-6.13.4-1.10.19.0.2.module+el8.0.0+6119+7cbe4838', 'cpu':'s390x', 'release':'8', 'epoch':'1'}, {'reference':'npm-6.13.4-1.10.19.0.2.module+el8.0.0+6119+7cbe4838', 'cpu':'x86_64', 'release':'8', 'epoch':'1'} ], }; flag = 0; appstreams_found = 0; foreach module (keys(appstreams)) { appstream = NULL; appstream_name = NULL; appstream_version = NULL; appstream_split = split(module, sep:':', keep:FALSE); if (!empty_or_null(appstream_split)) { appstream_name = appstream_split[0]; appstream_version = appstream_split[1]; appstream = get_kb_item('Host/RedHat/appstream/' + appstream_name); } if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') { appstreams_found++; foreach package_array ( appstreams[module] ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++; } } } } if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module nodejs:10'); if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs / nodejs-debugsource / nodejs-devel / etc'); }NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1602.NASL description According to the version of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.(CVE-2020-10531) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-06 modified 2020-06-02 plugin id 137020 published 2020-06-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137020 title EulerOS 2.0 SP5 : icu (EulerOS-SA-2020-1602) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2151.NASL description It was discovered that an integer overflow in the International Components for Unicode (ICU) library could result in denial of service and potentially the execution of arbitrary code. For Debian 8 last seen 2020-03-26 modified 2020-03-23 plugin id 134768 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134768 title Debian DLA-2151-1 : icu security update NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-202003-15.NASL description The remote host is affected by the vulnerability described in GLSA-202003-15 (ICU: Integer overflow) It was discovered that ICU’s UnicodeString::doAppend() function is vulnerable to an integer overflow. Please review the CVE identifiers referenced below for more details. Impact : A remote attacker could entice a user to process a specially crafted string in an application linked against ICU, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-03-21 modified 2020-03-16 plugin id 134592 published 2020-03-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134592 title GLSA-202003-15 : ICU: Integer overflow NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-1180-1.NASL description This update for icu fixes the following issues : CVE-2020-10531: Fixed integer overflow in UnicodeString:doAppend() (bsc#1166844). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-15 modified 2020-05-11 plugin id 136465 published 2020-05-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136465 title SUSE SLES12 Security Update : icu (SUSE-SU-2020:1180-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1568.NASL description According to the versions of the icu package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.(CVE-2017-15422) - An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.(CVE-2020-10531) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2020-05-01 plugin id 136271 published 2020-05-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136271 title EulerOS Virtualization for ARM 64 3.0.2.0 : icu (EulerOS-SA-2020-1568) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4305-1.NASL description Andre Bargull discovered that ICU incorrectly handled certain strings. An attacker could possibly use this issue to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-21 modified 2020-03-18 plugin id 134663 published 2020-03-18 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134663 title Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : icu vulnerability (USN-4305-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0901.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0901 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-03-23 plugin id 134830 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134830 title RHEL 8 : icu (RHSA-2020:0901) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-0896.NASL description From Red Hat Security Advisory 2020:0896 : The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0896 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-03-20 plugin id 134751 published 2020-03-20 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134751 title Oracle Linux 6 : icu (ELSA-2020-0896) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-1293.NASL description From Red Hat Security Advisory 2020:1293 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1293 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-04-06 plugin id 135218 published 2020-04-06 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135218 title Oracle Linux 8 : nodejs:12 (ELSA-2020-1293) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0897.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0897 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-03-23 plugin id 134833 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134833 title RHEL 7 : icu (RHSA-2020:0897) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-0897.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0897 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-03-26 plugin id 134909 published 2020-03-26 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134909 title CentOS 7 : icu (CESA-2020:0897) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0896.NASL description The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0896 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-03-23 plugin id 134834 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134834 title RHEL 6 : icu (RHSA-2020:0896) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-0896.NASL description The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0896 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-03-26 plugin id 134908 published 2020-03-26 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134908 title CentOS 6 : icu (CESA-2020:0896) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1293.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1293 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-21 modified 2020-04-02 plugin id 135174 published 2020-04-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135174 title RHEL 8 : nodejs:12 (RHSA-2020:1293) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1317.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1317 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-05-21 modified 2020-04-07 plugin id 135259 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135259 title RHEL 8 : nodejs:10 (RHSA-2020:1317) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-0897.NASL description From Red Hat Security Advisory 2020:0897 : The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0897 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-03-19 plugin id 134691 published 2020-03-19 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134691 title Oracle Linux 7 : icu (ELSA-2020-0897) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0738.NASL description An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Chromium is an open source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 80.0.3987.122. Security Fix(es) : * ICU: Integer overflow in UnicodeString::doAppend() (BZ#1807349) * chromium-browser: Type confusion in V8 (CVE-2020-6383) * chromium-browser: Use after free in WebAudio (CVE-2020-6384) * chromium-browser: Use after free in speech (CVE-2020-6386) * chromium-browser: Out of bounds memory access in streams (CVE-2020-6407) * chromium-browser: Type confusion in V8 (CVE-2020-6418) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-02 modified 2020-03-10 plugin id 134360 published 2020-03-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134360 title RHEL 6 : chromium-browser (RHSA-2020:0738) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1506.NASL description According to the version of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.(CVE-2020-10531) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-03 modified 2020-04-20 plugin id 135739 published 2020-04-20 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135739 title EulerOS 2.0 SP8 : icu (EulerOS-SA-2020-1506) NASL family Scientific Linux Local Security Checks NASL id SL_20200318_ICU_ON_SL7_X.NASL description Security Fix(es) : - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) last seen 2020-03-24 modified 2020-03-19 plugin id 134693 published 2020-03-19 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134693 title Scientific Linux Security Update : icu on SL7.x x86_64 (20200318) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2020-1418.NASL description An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. (CVE-2020-10531) last seen 2020-05-12 modified 2020-05-07 plugin id 136362 published 2020-05-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136362 title Amazon Linux 2 : icu (ALAS-2020-1418) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_11FCFA8FAC6411EA9DAB000D3AB229D6.NASL description Node.js reports : Updates are now available for all supported Node.js release lines for the following issues. TLS session reuse can lead to host certificate verification bypass (High) (CVE-2020-8172) The last seen 2020-06-13 modified 2020-06-12 plugin id 137382 published 2020-06-12 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137382 title FreeBSD : Node.js -- June 2020 Security Releases (11fcfa8f-ac64-11ea-9dab-000d3ab229d6) NASL family Fedora Local Security Checks NASL id FEDORA_2020-F6271D7AFA.NASL description Update to 80.0.3987.132. Lots of security fixes here. VAAPI re-enabled by default except on NVIDIA. List of CVEs fixed (since last update) : - CVE-2019-20446 - CVE-2020-6381 - CVE-2020-6382 - CVE-2020-6383 - CVE-2020-6384 - CVE-2020-6385 - CVE-2020-6386 - CVE-2020-6387 - CVE-2020-6388 - CVE-2020-6389 - CVE-2020-6390 - CVE-2020-6391 - CVE-2020-6392 - CVE-2020-6393 - CVE-2020-6394 - CVE-2020-6395 - CVE-2020-6396 - CVE-2020-6397 - CVE-2020-6398 - CVE-2020-6399 - CVE-2020-6400 - CVE-2020-6401 - CVE-2020-6402 - CVE-2020-6403 - CVE-2020-6404 - CVE-2020-6405 - CVE-2020-6406 - CVE-2020-6407 - CVE-2020-6408 - CVE-2020-6409 - CVE-2020-6410 - CVE-2020-6411 - CVE-2020-6412 - CVE-2020-6413 - CVE-2020-6414 - CVE-2020-6415 - CVE-2020-6416 - CVE-2020-6417 - CVE-2020-6418 - CVE-2020-6420 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-31 modified 2020-03-20 plugin id 134718 published 2020-03-20 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134718 title Fedora 31 : chromium (2020-f6271d7afa) NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-459.NASL description This update for icu fixes the following issues : - CVE-2020-10531: Fixed a potential integer overflow in UnicodeString:doAppend (bsc#1166844). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-04-10 modified 2020-04-06 plugin id 135222 published 2020-04-06 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135222 title openSUSE Security Update : icu (openSUSE-2020-459) NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0819-1.NASL description This update for icu fixes the following issues : CVE-2020-10531: Fixed a potential integer overflow in UnicodeString:doAppend (bsc#1166844). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-04-07 modified 2020-04-02 plugin id 135164 published 2020-04-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135164 title SUSE SLED15 / SLES15 Security Update : icu (SUSE-SU-2020:0819-1) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2020-1361.NASL description An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. (CVE-2020-10531) last seen 2020-04-30 modified 2020-04-24 plugin id 135937 published 2020-04-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135937 title Amazon Linux AMI : icu (ALAS-2020-1361) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0902.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0902 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-03-23 plugin id 134828 published 2020-03-23 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134828 title RHEL 8 : icu (RHSA-2020:0902) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-1317.NASL description From Red Hat Security Advisory 2020:1317 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1317 advisory. - ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-04-16 plugin id 135663 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135663 title Oracle Linux 8 : nodejs:10 (ELSA-2020-1317)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- https://github.com/unicode-org/icu/pull/971
- https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08
- https://unicode-org.atlassian.net/browse/ICU-20958
- https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
- https://bugs.chromium.org/p/chromium/issues/detail?id=1044570
- https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca
- https://access.redhat.com/errata/RHSA-2020:0738
- https://security.gentoo.org/glsa/202003-15
- https://lists.debian.org/debian-lts-announce/2020/03/msg00024.html
- https://www.debian.org/security/2020/dsa-4646
- https://usn.ubuntu.com/4305-1/
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/