Preface: Node. js has two types of threads: one Event Loop and k Workers. The Event Loop is responsible for JavaScript callbacks and non-blocking I/O, and a Worker executes tasks corresponding to C++ code that completes an asynchronous request, including blocking I/O and CPU-intensive work.

Background: Why do we use child process in Node.js?

Node Child Process – Node is a tool that uses JavaScript and has many useful parts to it. Normally, it does work with one thread at a time, which means it can handle tasks without waiting. However, when there’s a lot of work to be done, we use the child_process module to create additional threads.

The child_process.spawn() method spawns the child process asynchronously, without blocking the Node.js event loop. The child_process.spawnSync() function provides equivalent functionality in a synchronous manner that blocks the event loop until the spawned process either exits or is terminated.

Vulnerability details: The CVE-2024-27980 was identified as an incomplete fix for the BatBadBut vulnerability. This vulnerability arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.

This vulnerability affects all users of child_process.spawn and child_process.spawnSync on Windows in all active release lines.

Impact: This vulnerability affects all Windows users in active release lines: 22.x, 20.x, 18.x

Official announcement: For detail, please refer to link – https://nodejs.org/en/blog/vulnerability/july-2024-security-releases

Preface: Trusted Firmware-M (TF-M) defines several common profiles, such as Profile Small, Profile Medium, Profile Medium ARoT-less and Profile Large, to provide different levels of security to adapt to different device functions and applications. Use cases on top of firmware.

Background: The capabilities and resources of different IoT devices can vary significantly. Some IoT devices may have very limited memory resources. Programs on these devices should maintain a small memory footprint and basic functionality.

Trusted Firmware-M (TF-M) defines several general profiles, such as Profile Small, Profile Medium, Profile Medium ARoT-less and Profile Large, to provide different levels of security to fit diverse device capabilities and use cases applied on the top of the base configuration.

Ref: Trusted Firmware-M (TF-M) is an open source collaboration which implements the Platform Security Architecture (PSA) specification for Arm Cortex®-M MCU groups. This application project introduces how Trusted Firmware-M integrates with Renesas Flexible Software Package (FSP) to support PSA specification implementation on the Renesas RA Family MCU groups.

Vulnerability details: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/i… https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar[.]C . In line 313 “addr_loaded_cnt” is checked not to be “CHECK_IMAGE_AREA_CNT” (5) or larger, this check does not halt the function. Immediately after (line 317) there will be an overflow in the buffer and the value of “dst” will be written to the area immediately after the buffer, which is “addr_loaded_cnt”. This will allow an attacker to freely control the value of “addr_loaded_cnt” and thus control the destination of the write immediately after (line 318). The write in line 318 will then be fully controlled by said attacker, with whichever address and whichever value (“len”) they desire.

Official announcement: For detail, please refer to link – https://nvd.nist.gov/vuln/detail/CVE-2024-6563

Preface: The PX4 is a professional autopilot. Developed by world-class developers from industry and academia and supported by an active worldwide community, it powers a variety of vehicles from racing and cargo drones to ground vehicles and submersibles.

Background:  What is needed to control a drone using PX4 flight controller?

-A computer with Internet Access.

-Linux operating system (I am using Ubuntu 14.04 LTS, you can use the operating system you want, but since I am also doing source code development, Linux will make my days a lot easier).

-A PX4 autopilot (Pixhawk, Pixfalcon, HK Pilot 32, Pixracer) with micro usb cable.

-Your drone.

-A pair of telemetry modules (optional).

Vulnerability details: PX4-Autopilot v1[.]14[.]3 was discovered to contain a buffer overflow via the topic_name parameter at /logger/logged_topics[.]cpp.

Official announcement: For detail, please refer to link –

https://nvd.nist.gov/vuln/detail/cve-2024-38952

Preface: For example, if your app defines a fence for headphones, it gets callbacks when the headphones are plugged in and when they’re unplugged.

Background: Automotive infotainment is an in-car system that combines entertainment such as radio and music playing with driving information, including navigation, ADAS, and vehicle settings.

The SA8255P delivers next-generation Qualcomm Snapdragon automotive infotainment SoC. Developed with SEooC targeting ASIL B use cases, the SAM8255P empowers automakers with scalable solutions that are connected, smart, and aware.

Vulnerability details: NULL Pointer Dereference in Graphics,

transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.

Affected Chipsets: QAM8255P, QAM8650P, QAM8775P, QAMSRV1H, QAMSRV1M, SA8255P, SA8650P, SA8770P, SA8775P, SA9000P, SRV1H, SRV1M.

Official announcement: For detail, please refer to link – https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html

Preface: By default, OpenWrt builds the kernel with a useful set of netfilter capabilities for a robust router. NAT. REJECT. REDIRECT. CONNTRACK. LOG.

OpenWrt is a Linux distribution suitable for embedded devices. Currently, many embedded hardware platforms on the market use OpenWrt as their basis, such as routers, network gateways or industrial use computer

Background: Netfilter is a framework provided by the Linux kernel that allows various networking-related operations to be implemented in the form of customized handlers. Netfilter offers various functions and operations for packet filtering, network address translation, and port translation, which provide the functionality required for directing packets through a network and prohibiting packets from reaching sensitive locations within a network.

Netfilter represents a set of hooks inside the Linux kernel, allowing specific kernel modules to register callback functions with the kernel’s networking stack. Those functions, usually applied to the traffic in the form of filtering and modification rules, are called for every packet that traverses the respective hook within the networking stack.

Vulnerability details: CVE-2024-1086 A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.

Official announcement: For detail, please refer to link – https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1086