The C++ method SignTraits::DeriveBits() may incorrectly call ThrowException() based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism potentially allows an adversary to remotely crash a Node.js runtime.
Weakness
An exception is thrown from a function, but it is not caught.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Enterprise Linux 10 | RedHat | nodejs22-1:22.16.0-1.el10_0 | * |
| Red Hat Enterprise Linux 8 | RedHat | nodejs:22-8100020250527102348.6d880403 | * |
| Red Hat Enterprise Linux 8 | RedHat | nodejs:20-8100020250521115949.489197e6 | * |
| Red Hat Enterprise Linux 9 | RedHat | nodejs:22-9060020250529115509.rhel9 | * |
| Red Hat Enterprise Linux 9 | RedHat | nodejs:20-9060020250529100856.rhel9 | * |
| Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | nodejs:20-9040020250603124021.rhel9 | * |
| Nodejs | Ubuntu | esm-apps/noble | * |
| Nodejs | Ubuntu | noble | * |
| Nodejs | Ubuntu | oracular | * |
| Nodejs | Ubuntu | plucky | * |
| Nodejs | Ubuntu | upstream | * |