[Git][security-tracker-team/security-tracker][master] Add information for CVE-2025-23122/nodejs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon May 19 21:05:31 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a028894 by Salvatore Bonaccorso at 2025-05-19T22:03:47+02:00
Add information for CVE-2025-23122/nodejs

This appears to be a duplicate assignment for CVE-2025-23165 but it is
unclear which will "winn". Clarifying with the assigning CNAs. As the
CVE-2025-23165 CVE is mentioned as well in the commit message it looks
sensible to choose CVE-2025-23165.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -89,7 +89,13 @@ CVE-2025-23164 (A misconfigured access token mechanism in the Unifi Protect Appl
 CVE-2025-23123 (A malicious actor with access to the management network could execute  ...)
 	NOT-FOR-US: UniFi Protect
 CVE-2025-23122 (In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a  ...)
-	TODO: check
+	- nodejs 20.19.2+dfsg-1 (bug #1105832)
+	[bullseye] - nodejs <not-affected> (The vulnerable code was introduced later)
+	NOTE: https://nodejs.org/en/blog/vulnerability/may-2025-security-releases#corrupted-pointer-in-nodefsreadfileutf8const-functioncallbackinfovalue-args-when-args0-is-a-string-cve-2025-23165---low
+	NOTE: https://github.com/nodejs/node/issues/57800
+	NOTE: Fixed by: https://github.com/nodejs/node/commit/9e13bf0a81e15c7b3a9f1826dccbcea991d7e63a (v20.19.2)
+	NOTE: Introduced by: https://github.com/nodejs/node/commit/938471ef556f2d64257059b60889a8c84621eea6 (v20.8.0)
+	TODO: check, duplicate of CVE-2025-23165, contacting both CNAs to see which to retain
 CVE-2025-1627 (The Qi Blocks WordPress plugin before 1.4 does not validate and escape ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1626 (The Qi Blocks WordPress plugin before 1.4 does not validate and escape ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a028894fb2200876272fcaabfeab34fbc9ff1c8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a028894fb2200876272fcaabfeab34fbc9ff1c8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250519/88a3eb25/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list