
CVE-2020-8277 PoC: Oracle GraalVM Resource Management Error Vulnerability

Associated Vulnerability
Title: Oracle GraalVM resource management error vulnerability (CVE-2020-8277)
Description: A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.
Readme
# CVE-2020-8277

For educational purposes only.

## Quick Run
```
# clone this repository
$ git clone https://github.com/masahiro331/CVE-2020-8277
$ cd CVE-2020-8277

# build and run the authoritative BIND server from ./bind
$ docker build -t bind-local ./bind
# the oversized answer is truncated over UDP and re-sent over TCP,
# so port 53 must be published on both TCP and UDP
$ docker run --rm --name bind -it -p 53:53 -p 53:53/udp bind-local

# use a vulnerable Node.js (< 15.2.1, < 14.15.1 or < 12.19.1);
# if your installed Node.js is already fixed, build one from source
$ git clone https://github.com/nodejs/node
$ cd node
$ git checkout df211208c0
$ ./configure
$ make -j8
$ make install

# run the PoC against the local BIND instance
$ node main.js
```

## Details

See the Node.js advisory for the details:
https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/
The advisory states that resolving a hostname that returns a large number of records results in a DoS.

The crash is an out-of-bounds memory read in the c-ares wrapper.
Affected line:
https://github.com/nodejs/node/blob/1fd2c8142b611baadc973947b83c0863cb003d9d/src/cares_wrap.cc#L764
File Snapshot

```
[4.0K] /data/pocs/c1f10f0ec7f57f7926bab9e9727b183daea6f325
├── [4.0K] bind
│   ├── [1.6K] Dockerfile
│   └── [4.0K] misc
│       ├── [ 77K] masahiro331.com.zone
│       ├── [  37] named
│       └── [1.9K] named.conf
├── [ 220] main.js
└── [ 888] README.md

2 directories, 6 files
```