Quickjs-ng Heap-Based Buffer Overflow Vulnerability in BigInt Reader

Vulnerability

A heap-based buffer overflow has been identified in quickjs-ng versions up to and including 0.9.0. The BigInt reader, JS_ReadBigInt, which deserializes a BigInt from the engine's serialized object format, miscomputes the size of the buffer it needs for the value and therefore allocates too little memory. The copy of the serialized digits that follows is not constrained by the allocation, so it writes past the end of the heap buffer.
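To make the bug class concrete, the following is a constructed model of a serialized-BigInt reader, added here as an example; it is not quickjs-ng's JS_ReadBigInt, and the wire format (a ULEB128 byte count followed by little-endian magnitude bytes), the limb width, the cap MAX_BIGINT_BYTES and all function names are assumptions. It contrasts a truncating byte-to-limb conversion, which under-allocates whenever the byte count is not a multiple of the limb size, with a rounded-up one, and shows a reader that bounds-checks every write so a bad size calculation fails closed instead of corrupting the heap.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

typedef uint64_t limb_t;                 /* assumed limb width: 8 bytes */
#define MAX_BIGINT_BYTES (1u << 20)      /* assumed cap on serialized size */

/* Buggy conversion: truncating division drops the partial last limb, so a
 * 9-byte value gets a 1-limb (8-byte) buffer and the copy overruns it. */
size_t limbs_truncating(size_t nbytes) { return nbytes / sizeof(limb_t); }

/* Fixed conversion: round up so the partial limb is allocated as well. */
size_t limbs_rounded_up(size_t nbytes) {
    return (nbytes + sizeof(limb_t) - 1) / sizeof(limb_t);
}

/* Bytes the copy loop would write past an allocation of limbs(nbytes)
 * limbs; 0 means the size calculation is safe for this byte count. */
size_t overflow_bytes(size_t nbytes, size_t (*limbs)(size_t)) {
    size_t allocated = limbs(nbytes) * sizeof(limb_t);
    return nbytes > allocated ? nbytes - allocated : 0;
}

/* Decode an unsigned LEB128 value. Returns bytes consumed, 0 on error. */
size_t read_uleb128(const uint8_t *p, size_t avail, uint32_t *out) {
    uint32_t v = 0; unsigned shift = 0; size_t i = 0;
    while (i < avail && shift < 32) {
        uint8_t b = p[i++];
        v |= (uint32_t)(b & 0x7f) << shift;
        if (!(b & 0x80)) { *out = v; return i; }
        shift += 7;
    }
    return 0;
}

/* Hardened reader for the assumed wire format. Every limb index is checked
 * against the allocation; any inconsistency returns NULL. */
limb_t *read_bigint(const uint8_t *buf, size_t len, size_t *nlimbs_out) {
    uint32_t nbytes;
    size_t hdr = read_uleb128(buf, len, &nbytes);
    if (hdr == 0 || nbytes == 0 || nbytes > MAX_BIGINT_BYTES) return NULL;
    if (nbytes > len - hdr) return NULL;     /* declared length exceeds input */
    size_t nlimbs = limbs_rounded_up(nbytes);
    limb_t *limbs = calloc(nlimbs, sizeof *limbs);
    if (!limbs) return NULL;
    for (size_t i = 0; i < nbytes; i++) {
        size_t li = i / sizeof(limb_t);
        if (li >= nlimbs) { free(limbs); return NULL; }   /* never with round-up */
        limbs[li] |= (limb_t)buf[hdr + i] << (8 * (i % sizeof(limb_t)));
    }
    *nlimbs_out = nlimbs;
    return limbs;
}

/* Parse a constructed 9-byte magnitude (0x01..0x09, little-endian) and
 * return 1 if both limbs come out as expected. */
int check_constructed_input(void) {
    const uint8_t wire[] = {0x09, 1, 2, 3, 4, 5, 6, 7, 8, 9};  /* constructed */
    size_t n = 0;
    limb_t *v = read_bigint(wire, sizeof wire, &n);
    if (!v) return 0;
    int ok = n == 2 && v[0] == 0x0807060504030201ULL && v[1] == 9;
    free(v);
    return ok;
}

int main(void) {
    for (size_t nbytes = 1; nbytes <= 17; nbytes++)
        printf("%2zu bytes: truncating overflows by %zu, rounded-up by %zu\n",
               nbytes, overflow_bytes(nbytes, limbs_truncating),
               overflow_bytes(nbytes, limbs_rounded_up));
    printf("constructed input parses: %s\n",
           check_constructed_input() ? "yes" : "no");
    return 0;
}
```

The truncating variant over-allocates nothing and under-allocates by up to seven bytes for every length that is not a multiple of eight; under ASAN the first write into the missing limb is what shows up as a heap-buffer-overflow WRITE. The rounded-up conversion plus an explicit index check is the pattern to look for when auditing any length-prefixed reader.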

Impact

Triggering the flaw corrupts heap memory adjacent to the undersized BigInt allocation. Depending on heap layout this crashes the process or, with attacker-controlled serialized input, can be developed into arbitrary code execution. The vulnerable code runs only when the engine deserializes data, so practical exposure depends on whether an application passes untrusted serialized objects or bytecode to the reader.

Reproduction

The issue can be reproduced by building quickjs-ng with AddressSanitizer (ASAN) enabled and feeding the engine a crafted serialized BigInt whose declared length triggers the incorrect size calculation in the reader. ASAN then reports a heap-buffer-overflow on the write into the undersized buffer. The exact byte sequence is not given here.

Remediation

Update to quickjs-ng version 0.9.1 or later, where the size calculation has been fixed. Until the upgrade is deployed, do not deserialize serialized objects or bytecode from untrusted sources.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.