A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior could be exploited as a timing oracle to infer HMAC values.
Node.js already provides timing-safe comparison primitives used elsewhere in the codebase, indicating this is an oversight rather than an intentional design decision.
This vulnerability affects 20.x, 22.x, 24.x, and 25.x.
Weakness
Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Enterprise Linux 10 | RedHat | nodejs24-1:24.14.1-2.el10_1 | * |
| Red Hat Enterprise Linux 8 | RedHat | nodejs:24-8100020260408131901.6d880403 | * |
| Red Hat Enterprise Linux 9 | RedHat | nodejs:24-9070020260402152654.rhel9 | * |
| Nodejs | Ubuntu | esm-apps/xenial | * |
| Nodejs | Ubuntu | upstream | * |
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/462.html
- https://cwe.mitre.org/data/definitions/541.html
- https://cwe.mitre.org/data/definitions/580.html