The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp).
Weakness
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Libsass | Sass-lang | * | 3.5.5 (including) |
| Libsass | Ubuntu | cosmic | * |
| Libsass | Ubuntu | disco | * |
| Libsass | Ubuntu | eoan | * |
| Libsass | Ubuntu | groovy | * |
| Libsass | Ubuntu | hirsute | * |
| Libsass | Ubuntu | impish | * |
| Libsass | Ubuntu | kinetic | * |
| Libsass | Ubuntu | lunar | * |
| Libsass | Ubuntu | mantic | * |
| Libsass | Ubuntu | upstream | * |
Potential Mitigations
Related Attack Patterns
References
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00027.html
- https://github.com/sass/libsass/issues/2658
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00027.html
- https://github.com/sass/libsass/issues/2658