PT-2022-5008 · Facebook · Hermes
Published
2022-10-10
·
Updated
2022-10-11
·
CVE-2022-40138
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Hermes versions prior to commit 6aa825e480d48127b480b08d13adf70033237097
Description
The issue is related to an integer conversion error in Hermes bytecode generation. This error could be used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. The exploitation of this issue is only possible in cases where Hermes is used to execute untrusted JavaScript. Most React Native applications are not affected due to this requirement.
Recommendations
For versions prior to commit 6aa825e480d48127b480b08d13adf70033237097, update to a version that includes the fix for the integer conversion error in Hermes bytecode generation. As a temporary workaround, consider restricting the execution of untrusted JavaScript in Hermes to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hermes