A vulnerability classified as problematic has been found in LibSass up to 3.5.4 (Programming Language Software). This affects the function clone of the file ast.cpp. The manipulation with an unknown input leads to a resource consumption vulnerability. CWE is classifying the issue as CWE-400. The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources. This is going to have an impact on availability. The summary by CVE is:

In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().

The bug was discovered 06/02/2018. The weakness was disclosed 12/04/2018 (Website). It is possible to read the advisory at github.com. This vulnerability is uniquely identified as CVE-2018-19838 since 12/03/2018. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. It demands that the victim is doing some kind of user interaction. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1499 according to MITRE ATT&CK.

The vulnerability was handled as a non-public zero-day exploit for at least 185 days. During that time the estimated underground price was around $0-$5k.

Upgrading to version 3.5.5 eliminates this vulnerability.

The entries 127468 and 127466 are pretty similar.

Productinfo

Type

• Programming Language Software

Name

• LibSass

Version

• 3.5.0
• 3.5.1
• 3.5.2
• 3.5.3
• 3.5.4

License

• free

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion