GHSA-v62p-rq8g-8h59

Описание

Summary

On historic but declared as supported Node.js versions (0.12-2.x), pbkdf2 silently disregards Uint8Array input

This only affects Node.js <3.0.0, but pbkdf2 claims to:

• Support Node.js >= 0.12 (and there seems to be ongoing effort in this repo to maintain that)
• Support Uint8Array input (input is typechecked against Uint8Array, and the error message includes e.g. "Password must be a string, a Buffer, a typed array or a DataView"

Details

The error is in toBuffer method

This vulnerability somehow even made it to tests: https://github.com/browserify/pbkdf2/commit/eb9f97a66ed83836bebc4ff563a1588248708501 There, resultsOld (where mismatch results) are just invalid output generated from empty password/salt instead of the supplied one

PoC

On Node.js/io.js < 3.0.0

Impact

Static hashes being outputted and used as keys/passwords can completely undermine security That said, no one should be using those Node.js versions anywhere now, so I would recommend to just drop them This lib should not pretend to work on those versions while outputting static data though

Just updating to a fixed version is not enough: if anyone was using pbkdf2 lib (do not confuse with Node.js crypto.pbkdf2) or anything depending on it with Node.js/io.js < 3.0.0, recheck where those keys went / how they were used, and take action accordingly