{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-22017", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "state": "PUBLISHED", "assignerShortName": "hackerone", "dateReserved": "2024-01-04T01:04:06.573Z", "datePublished": "2024-03-19T04:32:34.137Z", "dateUpdated": "2024-08-15T18:17:49.440Z"}, "containers": {"cna": {"descriptions": [{"lang": "en", "value": "setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid().\nThis allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid().\nThis vulnerability affects all users using version greater or equal than Node.js 18.18.0, Node.js 20.4.0 and Node.js 21."}], "affected": [{"vendor": "Node.js", "product": "Node.js", "versions": [{"version": "18.18.0", "status": "affected", "lessThanOrEqual": "18.18.0", "versionType": "semver"}, {"version": "20.4.0", "status": "unaffected", "lessThanOrEqual": "20.4.0", "versionType": "semver"}, {"version": "21.6.1", "status": "unaffected", "lessThanOrEqual": "21.6.1", "versionType": "semver"}]}], "references": [{"url": "https://hackerone.com/reports/2170226"}, {"url": "http://www.openwall.com/lists/oss-security/2024/03/11/1"}, {"url": "https://security.netapp.com/advisory/ntap-20240517-0007/"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L", "baseScore": 7.3, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2024-03-19T04:32:34.137Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:35:34.492Z"}, "title": "CVE Program Container", "references": [{"url": "https://hackerone.com/reports/2170226", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/03/11/1", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240517-0007/", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-250", "lang": "en", "description": "CWE-250 Execution with Unnecessary Privileges"}]}], "affected": [{"vendor": "nodejs", "product": "nodejs", "cpes": ["cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "18.0.0", "status": "affected", "lessThan": "18.18.0", "versionType": "custom"}, {"version": "20.0.0", "status": "affected", "lessThan": "20.4.0", "versionType": "custom"}, {"version": "21.0.0", "status": "affected", "lessThan": "21.6.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-07T04:00:22.941212Z", "id": "CVE-2024-22017", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-15T18:17:49.440Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://hackerone.com/reports/2170226", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/03/11/1", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240517-0007/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:35:34.492Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-22017", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-07T04:00:22.941212Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*"], "vendor": "nodejs", "product": "nodejs", "versions": [{"status": "affected", "version": "18.0.0", "lessThan": "18.18.0", "versionType": "custom"}, {"status": "affected", "version": "20.0.0", "lessThan": "20.4.0", "versionType": "custom"}, {"status": "affected", "version": "21.0.0", "lessThan": "21.6.1", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-250", "description": "CWE-250 Execution with Unnecessary Privileges"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-15T18:17:44.696Z"}}], "cna": {"metrics": [{"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L"}}], "affected": [{"vendor": "Node.js", "product": "Node.js", "versions": [{"status": "affected", "version": "18.18.0", "versionType": "semver", "lessThanOrEqual": "18.18.0"}, {"status": "unaffected", "version": "20.4.0", "versionType": "semver", "lessThanOrEqual": "20.4.0"}, {"status": "unaffected", "version": "21.6.1", "versionType": "semver", "lessThanOrEqual": "21.6.1"}]}], "references": [{"url": "https://hackerone.com/reports/2170226"}, {"url": "http://www.openwall.com/lists/oss-security/2024/03/11/1"}, {"url": "https://security.netapp.com/advisory/ntap-20240517-0007/"}], "descriptions": [{"lang": "en", "value": "setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid().\nThis allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid().\nThis vulnerability affects all users using version greater or equal than Node.js 18.18.0, Node.js 20.4.0 and Node.js 21."}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2024-03-19T04:32:34.137Z"}}}, "cveMetadata": {"cveId": "CVE-2024-22017", "state": "PUBLISHED", "dateUpdated": "2024-08-15T18:17:49.440Z", "dateReserved": "2024-01-04T01:04:06.573Z", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "datePublished": "2024-03-19T04:32:34.137Z", "assignerShortName": "hackerone"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid().\nThis allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid().\nThis vulnerability affects all users using version greater or equal than Node.js 18.18.0, Node.js 20.4.0 and Node.js 21."}, {"lang": "es", "value": "setuid() no afecta las operaciones io_uring internas de libuv si se inicializa antes de la llamada a setuid(). Esto permite que el proceso realice operaciones privilegiadas a pesar de haber perdido dichos privilegios mediante una llamada a setuid(). Esta vulnerabilidad afecta a todos los usuarios que utilizan una versi\u00f3n mayor o igual a Node.js 18.18.0, Node.js 20.4.0 y Node.js 21."}], "id": "CVE-2024-22017", "lastModified": "2024-08-15T19:35:04.510", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L", "version": "3.0"}, "exploitabilityScore": 1.5, "impactScore": 5.3, "source": "support@hackerone.com", "type": "Secondary"}]}, "published": "2024-03-19T05:15:10.073", "references": [{"source": "support@hackerone.com", "url": "http://www.openwall.com/lists/oss-security/2024/03/11/1"}, {"source": "support@hackerone.com", "url": "https://hackerone.com/reports/2170226"}, {"source": "support@hackerone.com", "url": "https://security.netapp.com/advisory/ntap-20240517-0007/"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-250"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:1687", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:20-8090020240228165436.a75119d5", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-08T00:00:00Z"}, {"advisory": "RHSA-2024:1688", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "nodejs:20-9030020240229115828.rhel9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-08T00:00:00Z"}], "bugzilla": {"description": "nodejs: setuid() does not drop all privileges due to io_uring", "id": "2265727", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265727"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-269", "details": ["setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid().\nThis allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid().\nThis vulnerability affects all users using version greater or equal than Node.js 18.18.0, Node.js 20.4.0 and Node.js 21.", "A flaw was found in Node.js, where the setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This issue allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid()."], "name": "CVE-2024-22017", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "nodejs:16/nodejs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "nodejs:18/nodejs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "nodejs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "nodejs:18/nodejs", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-22017\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-22017"], "statement": "This vulnerability affects all users in active release lines 20.x, and 21.x.", "threat_severity": "Important", "upstream_fix": "nodejs 20.11.1"}