Description
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string that contains a precision specifier (*) with a huge negative value. Such a format string can lead to a buffer overrun, resulting in heap memory corruption or information disclosure from the heap.
A buffer underflow was found in ruby's sprintf function. An attacker able to control its format string parameter could supply a specially crafted string that discloses heap memory or crashes the interpreter.
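The two descriptions above share one root cause: an attacker who controls the format string handed to sprintf/format also controls its width and precision directives, including the `*` form that pulls a (possibly huge negative) value from the argument list. The Ruby code below is an added example written for this page, not code from the advisory, from Red Hat, or from Ruby's own sources. It places the vulnerable usage pattern beside two hardened forms and adds a guard that rejects untrusted templates before they reach Kernel#format; the function names (`render_unsafe`, `render_safe`, `safe_template?`, `render_user_template`) and the directive whitelist are assumptions chosen for illustration.

```ruby
# Added example for this advisory (hypothetical names, not Ruby's own code).
#
# Vulnerable pattern: the user-supplied string is used as the format TEMPLATE,
# so the user controls every directive, including '*' width/precision fields
# whose values come from the argument list (or "%1$*2$s"-style positional
# references). On Ruby before 2.2.8 / 2.3.5 / 2.4.2 a '*' precision taken from
# a huge negative integer underflowed sprintf's internal buffer. Do not write
# code like this with untrusted input.
def render_unsafe(user_template, *args)
  format(user_template, *args)
end

# Hardened pattern 1: the template is a literal owned by the code; only the
# VALUES come from the user, so no directive can be injected at all.
def render_safe(name, count)
  format("Hello %s, you have %d new messages", name, count)
end

# Hardened pattern 2: when a template really must be user-editable (e.g. a
# configurable message layout), accept only a small whitelist of directives
# with short literal width/precision, and none of the '*', '$' or '<name>'
# forms. A directive is '%%' or '%' + optional flags + optional width (1-3
# digits) + optional '.' precision (1-3 digits) + one of s d i f.
SAFE_DIRECTIVE = /%(?:%|[-+ 0]*(?:\d{1,3})?(?:\.\d{1,3})?[sdif])/
ANY_DIRECTIVE  = /%/

# Strip every directive we accept; any '%' left over is a form we do not allow
# (this also catches a dangling '%' at the end of the string).
def safe_template?(template)
  template.gsub(SAFE_DIRECTIVE, "") !~ ANY_DIRECTIVE
end

# Validate before formatting; the untrusted template never reaches format()
# unless it passed the whitelist.
def render_user_template(template, *args)
  unless safe_template?(template)
    raise ArgumentError, "unsafe format string: #{template.inspect}"
  end
  format(template, *args)
end
```

Rejecting the `*` forms outright is deliberate: the whitelist bounds width and precision to at most three literal digits, so even a template that passes cannot ask sprintf for a multi-gigabyte or negative field. On a patched interpreter the underflow itself is fixed, but the guard still removes the whole class of attacker-controlled directives (positional references, named references, unbounded precision) rather than one symptom.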
Report
This issue affects the versions of ruby as shipped with Red Hat Enterprise Linux 7 and the versions of rh-ruby22-ruby and rh-ruby23-ruby as shipped with Red Hat Software Collections. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Affected packages
| Platform | Package | State | Advisory | Release date |
|---|---|---|---|---|
| CloudForms Management Engine 5 | rh-ruby22-ruby | Not affected | | |
| CloudForms Management Engine 5 | ruby-200-ruby | Not affected | | |
| Red Hat Enterprise Linux 5 | ruby | Not affected | | |
| Red Hat Enterprise Linux 6 | ruby | Not affected | | |
| Red Hat Subscription Asset Manager | ruby193-ruby | Will not fix | | |
| Red Hat Enterprise Linux 7 | ruby | Fixed | RHSA-2018:0378 | 28.02.2018 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6 | rh-ruby24-ruby | Fixed | RHSA-2017:3485 | 19.12.2017 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6 | rh-ruby22-ruby | Fixed | RHSA-2018:0583 | 26.03.2018 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6 | rh-ruby23-ruby | Fixed | RHSA-2018:0585 | 26.03.2018 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS | rh-ruby24-ruby | Fixed | RHSA-2017:3485 | 19.12.2017 |
Additional information
CVSS3: 6.5 Medium