JerryScript 2.4.0 ecma-helpers.c ecma_deref_bigint memory corruption

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in JerryScript 2.4.0. This affects the function ecma_deref_bigint of the file ecma-helpers.c. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1133764906/13/2021VulD...confirm_urlhttps://github.com/jerryscript-project/jerryscript/issues/4402cve.mitre.org06/13/2021accepted70
1133764806/13/2021VulD...cve_nvd_summaryAn issue was discovered in JerryScript 2.4.0. There is a SEVG in ecma_deref_bigint in ecma-helpers.c file.cve.mitre.org06/13/2021accepted70
1133764706/13/2021VulD...cve_assigned1611529200cve.mitre.org06/13/2021accepted70
1133283806/11/2021VulD...price_0day$0-$5ksee documentation06/11/2021accepted90
1133283706/11/2021VulD...cvss3_meta_tempscore5.5see documentation06/11/2021accepted90
1133283606/11/2021VulD...cvss3_meta_basescore5.5see documentation06/11/2021accepted90
1133283506/11/2021VulD...cvss3_vuldb_tempscore5.506/11/2021accepted90
1133283406/11/2021VulD...cvss3_vuldb_basescore5.506/11/2021accepted90
1133283306/11/2021VulD...cvss2_vuldb_tempscore5.206/11/2021accepted90
1133283206/11/2021VulD...cvss2_vuldb_basescore5.206/11/2021accepted90
1133283106/11/2021VulD...cvss3_vuldb_rlXderived from historical data06/11/2021accepted80
1133283006/11/2021VulD...cvss3_vuldb_eXderived from historical data06/11/2021accepted80
1133282906/11/2021VulD...cvss3_vuldb_uiNderived from historical data06/11/2021accepted80
1133282806/11/2021VulD...cvss3_vuldb_prLderived from historical data06/11/2021accepted80
1133282706/11/2021VulD...cvss3_vuldb_avAderived from historical data06/11/2021accepted80
1133282606/11/2021VulD...cvss2_vuldb_rlNDderived from historical data06/11/2021accepted80
1133282506/11/2021VulD...cvss2_vuldb_eNDderived from historical data06/11/2021accepted80
1133282406/11/2021VulD...cvss2_vuldb_auSderived from historical data06/11/2021accepted80
1133282306/11/2021VulD...cvss2_vuldb_avAderived from historical data06/11/2021accepted80
1133282206/11/2021VulD...cvss2_vuldb_rcCderived from vuldb v3 vector06/11/2021accepted80

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!