SB2018101821 - Security restrictions bypass in ruby (Alpine package)
Published: October 18, 2018
Security Bulletin ID
SB2018101821
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Security restrictions bypass (CVE-ID: CVE-2018-16395)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists in OpenSSL::X509::Name due to the equality check is not correct if the value of an entity of the argument (right-hand side) starts with the value of the receiver (left-hand side). A remote attacker can supply malicious X.509 certificate to be passed and bypass security restrictions to conduct further attacks.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=9f704bf9da4bdb94ea9e7bcee0259b0b5f8f937d
- https://git.alpinelinux.org/aports/commit/?id=b21ba46a1a4971aee0a5432e0f30b42ff7d8ccdf
- https://git.alpinelinux.org/aports/commit/?id=58244868e7a471ddf96e8d0ece88c240e34bff1c
- https://git.alpinelinux.org/aports/commit/?id=19de9f59465766691d978b667b200e9ba93e471b
- https://git.alpinelinux.org/aports/commit/?id=9701d303015e67fc74407697f5d36c6c77c8455f
- https://git.alpinelinux.org/aports/commit/?id=e8447864e9aac6b974c9f53f3d677bba66dcfd56
- https://git.alpinelinux.org/aports/commit/?id=0666c3405e078562e5e6cefc77d45e8cc91092bc
- https://git.alpinelinux.org/aports/commit/?id=467c30c0ed02bb64cba816dd897dbba2e699575e