CVE-2021-33796

10.0 CRITICAL

📋 TL;DR

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can lead to denial of service. This affects applications using MuJS before version 1.1.2 for JavaScript parsing/execution. Attackers could crash the application by exploiting this memory corruption flaw.

💻 Affected Systems

Products:
  • MuJS (lightweight JavaScript interpreter)
Versions: All versions before 1.1.2
Operating Systems: All platforms where MuJS runs (Linux, Windows, macOS, etc.)
Default Config Vulnerable: ⚠️ Yes
Notes: Any application embedding the MuJS library is affected when it processes JavaScript code with regexp operations.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete application crash leading to denial of service, potentially allowing further memory corruption attacks if combined with other vulnerabilities.

🟠 Likely Case

Application instability and crashes when processing malicious regexp patterns, causing service disruption.

🟢 If Mitigated

Minimal impact with proper input validation and sandboxing, though crashes may still occur.

🌐 Internet-Facing: HIGH if MuJS processes untrusted input from external sources like web applications or APIs.
🏢 Internal Only: MEDIUM if MuJS only processes trusted internal data, but still vulnerable to accidental crashes.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability is in regexp handling, making exploitation straightforward with crafted JavaScript input.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.1.2 and later

Vendor Advisory: https://github.com/ccxvii/mujs/commit/7ef066a3bb95bf83e7c5be50d859e62e58fe8515

Restart Required: Yes

Instructions:

1. Update MuJS to version 1.1.2 or later.
2. Recompile any applications using MuJS.
3. Restart affected services.

🔧 Temporary Workarounds

Input Validation (platform: all)

Validate and sanitize JavaScript input before passing it to MuJS, especially regexp patterns.

Sandbox Execution (platform: all)

Run MuJS in isolated containers or sandboxes to limit the impact of crashes.
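One way to apply the sandbox workaround on a POSIX host, as an added example (not code from MuJS or from this advisory): run the interpreter in a separate, resource-limited child process, so that a crash ends only the child and is reported to the caller as a signal. The `mujs` binary name on PATH and the limit values are assumptions.

```python
import os
import resource
import signal
import subprocess
import tempfile

def _limit_child():
    """Runs in the child before exec: lower soft limits, keep hard limits."""
    for res, value in ((resource.RLIMIT_CPU, 2),            # seconds of CPU
                       (resource.RLIMIT_AS, 512 * 2**20),   # bytes of address space
                       (resource.RLIMIT_CORE, 0)):          # no core dumps
        hard = resource.getrlimit(res)[1]
        if hard != resource.RLIM_INFINITY:
            value = min(value, hard)
        resource.setrlimit(res, (value, hard))

def run_isolated(interpreter_argv, script_text, timeout=5.0):
    """Run script_text with the given interpreter in a separate, limited process.

    status: 'ok' (exit 0), 'error' (non-zero exit), 'crash' (killed by a
    signal, e.g. SIGSEGV) or 'timeout'. The caller's process survives all four.
    """
    with tempfile.NamedTemporaryFile("w", suffix=".js", delete=False) as fh:
        fh.write(script_text)
    try:
        proc = subprocess.run(interpreter_argv + [fh.name],
                              stdin=subprocess.DEVNULL, capture_output=True,
                              timeout=timeout, preexec_fn=_limit_child)
    except subprocess.TimeoutExpired:
        return {"status": "timeout", "signal": None, "stdout": b""}
    finally:
        os.unlink(fh.name)
    if proc.returncode < 0:  # negative return code = terminated by that signal
        return {"status": "crash",
                "signal": signal.Signals(-proc.returncode).name,
                "stdout": proc.stdout}
    return {"status": "ok" if proc.returncode == 0 else "error",
            "signal": None, "stdout": proc.stdout}

if __name__ == "__main__":
    # Assumption: a `mujs` binary is on PATH; the script is a harmless constructed sample.
    print(run_isolated(["mujs"], "print(/a+/.source);\n"))
```

A `crash` result is also a useful event to log and alert on, since it corresponds to the segmentation-fault indicator listed under Detection & Monitoring.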

🧯 If You Can't Patch

  • Disable regexp functionality if not required
  • Implement strict input filtering for JavaScript code

🔍 How to Verify

Check if Vulnerable:

Check the MuJS version with 'mujs --version', or examine the library version embedded in the application.

Check Version:

mujs --version

Verify Fix Applied:

Confirm version is 1.1.2 or later and test with known malicious regexp patterns.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes
  • Segmentation fault errors
  • Memory access violation logs

Network Indicators:

  • Unusual patterns of JavaScript/regexp input

SIEM Query:

search ('segmentation fault' OR 'memory corruption') AND 'mujs'
