If you are using a version prior to 1.36.2 of uBlock Origin you must update now

Few days ago a vulnerability was disclosed in the famous browser extension "UBlock Origin" which could cause system crashes of the user or get to the point of running out of memory when browsing a specially crafted URL if the URL falls under "strict blocking" filters.

The identified vulnerability only manifests when the user goes directly to the problematic URL, for example, when you click on a link.

Strict blocking works by opening a warning page that provides information about the blocked resource, including its URL and the filter that prevented the resource from loading. The warning page also displays the query parameters of the blocked URL to help users avoid tracking redirects.

In previous versions of uBO, these parameters were recursively parsed and added to the DOM without any depth check, which could lead to extension crashes and memory exhaustion, depending on the browser and hardware. uMatrix and ηMatrix, a fork of uMatrix compatible with Pale Moon, share similar code for displaying parsed URL parameters.

It is mentioned that the detected vulnerability has been corrected in a timely manner in updating uBlock Origin 1.36.2. Although it is also mentioned that uMatrix plugin is also affected for the same problem, but its maintenance has been discontinued and updates are no longer released, so the only solution is to uninstall the browser extension.

As no solutions in uMatrix (originally it was suggested to disable all strict blocking filters via the "Assets" tab, but this recommendation was deemed insufficient and creates problems for users with their own blocking rules). In ηMatrix, a fork of uMatrix from the Pale Moon project, the vulnerability was fixed in version 4.4.9.

Users must update to uBO 1.36.2 and ηMatrix 4.4.9 to receive fixes for this security vulnerability, which affects the default settings for both extensions.

About the vulnerability it is mentioned that it is caused because a strong blocking filter is generally defined at the domain level and is intended to deny all connections, even if you follow a link directly.

That is, the vulnerability is due to the fact that when navigating to a page that is eligible for a strict blocking filter, a warning is displayed to the user, providing information about the blocked resource, including the URL and request parameters. The problem is that uBlock Origin parses the request parameters recursively and adds them to the DOM tree regardless of nesting level.

Strict filters are most often used to block sites that perform affiliate redirects, serve malicious software, or are undesirable to visit. They are generally applied at the domain level (for example, googlesyndication.com) and tend to resemble entries in hosts files, although they can also target more specific resources.

By handling a specially crafted URL in uBlock Origin for Chrome, it is possible to block the process in which the browser plugin is running. After blocking, until the process with the plugin is restarted, the user is left without blocking the unwanted content. Firefox is running out of memory.

On the other hand, some users have commented that in NoScript, they have noticed the presence of an error that leads to 100% CPU load in Firefox when opening some sites, so for now to fix this, you must close Firefox completely and then open the task manager and wait for the process to finish. Then, Firefox must be restarted or the process must be terminated to reopen the browser and start with the previous session.

Finally, if you are interested in knowing more about it you can consult the details in the following link.


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.