CVE-2023-23556

CVE-2023-23556

Name

CVE-2023-23556

Description

An error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicious attacker to execute arbitrary code due to an out-of-bound write. Note that this bug is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80
MISC	https://www.facebook.com/security/advisories/cve-2023-23556

Type

URI

MISC

https://github.com/facebook/hermes/commit/a6dcafe6ded8e61658b40f5699878cd19a481f80

MISC

https://www.facebook.com/security/advisories/cve-2023-23556

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:facebook:hermes::::::::`	hermes	>= None	< 2023-02-02

CPE URI

Source package

Min version

Max version

cpe:2.3:a:facebook:hermes:*:*:*:*:*:*:*:*

hermes

>= None

< 2023-02-02

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
hermes	3.18-community	1.9-r9	ScrumpyJack <scrumpyjack@st.ilet.to>	possibly vulnerable
hermes	3.19-community	1.9-r9	ScrumpyJack <scrumpyjack@st.ilet.to>	possibly vulnerable
hermes	3.20-community	1.9-r9	ScrumpyJack <scrumpyjack@st.ilet.to>	possibly vulnerable
hermes	edge-community	1.9-r10	ScrumpyJack <scrumpyjack@st.ilet.to>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

hermes

3.18-community

1.9-r9

ScrumpyJack <scrumpyjack@st.ilet.to>

possibly vulnerable

hermes

3.19-community