Your submission was sent successfully! Close

CVE-2016-2339

Published: 6 January 2017

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.

Notes

AuthorNote
mdeslaur
2.3.0 and later not affected
Priority

Low

CVSS 3 base score: 9.8

Status

Package Release Status
ruby1.8
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was needed)
trusty Does not exist

upstream Needs triage

xenial Does not exist

yakkety Does not exist

zesty Does not exist

ruby1.9.1
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was released [1.9.3.484-2ubuntu1.3])
upstream Needs triage

xenial Does not exist

yakkety Does not exist

zesty Does not exist

Patches:
upstream: https://github.com/ruby/ruby/commit/bcc2421b4938fc1d9f5f3fb6ef2320571b27af42
ruby2.0
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist
(trusty was released [2.0.0.484-1ubuntu2.4])
upstream Needs triage

xenial Does not exist

yakkety Does not exist

zesty Does not exist

ruby2.3
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Not vulnerable
(2.3.1-2~16.04)
yakkety Not vulnerable
(2.3.1-5build2)
zesty Not vulnerable
(2.3.3-1)