Buffer overflow in Ruby - CVE-2016-2339

 


Published: January 6, 2017 / Updated: August 9, 2020


Vulnerability identifier: #VU39952
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2016-2339
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Ruby
Affected software:
Ruby

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An exploitable heap overflow vulnerability exists in the "initialize" function of Fiddle::Function.new in Ruby. In this function, the heap buffer "arg_types" is allocated based on the length of the args array. A specially constructed object passed as an element of the args array can increase the size of that array after the allocation and cause a heap overflow.
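
The pattern described above, as an added example that is not Ruby's or Fiddle's source code: a buffer is sized from an array's length, and converting an element runs a callback that can grow the array. The names vec, convert_fn, growing_convert and build_arg_types are hypothetical, and the model assumes the flawed form bounds its copy loop by the live length; the checked form below snapshots the length and rejects the call if the array changed.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model, not Ruby's source: a growable array whose elements are
   converted through a callback that is allowed to mutate the array. */
typedef struct { int *items; size_t len, cap; } vec;
typedef int (*convert_fn)(vec *args, size_t i);

int vec_push(vec *v, int x) {
    if (v->len == v->cap) {
        size_t ncap = v->cap ? v->cap * 2 : 4;
        int *p = realloc(v->items, ncap * sizeof *p);
        if (!p) return -1;
        v->items = p; v->cap = ncap;
    }
    v->items[v->len++] = x;
    return 0;
}

/* Stand-in for a specially constructed element: converting it appends to args. */
int growing_convert(vec *args, size_t i) {
    int value = args->items[i];      /* read first: realloc may move items */
    if (i == 0) { vec_push(args, 7); vec_push(args, 8); }
    return value;
}
int plain_convert(vec *args, size_t i) { return args->items[i]; }

/* Checked form: allocate from a length snapshot, bound the loop by the same
   snapshot, and fail if a conversion changed the array's length.
   Returns the number of entries written, or -1 on mutation or alloc failure. */
long build_arg_types(vec *args, convert_fn conv, int **out) {
    size_t n = args->len;            /* the only length used from here on */
    int *types = calloc(n + 1, sizeof *types);
    if (!types) return -1;
    for (size_t i = 0; i < n; i++) { /* assumed flawed form: i < args->len */
        types[i] = conv(args, i);
        if (args->len != n) { free(types); return -1; }
    }
    *out = types;
    return (long)n;
}

int main(void) {
    vec a = {0}, b = {0}; int *t = NULL;
    vec_push(&a, 1); vec_push(&a, 2);
    vec_push(&b, 1); vec_push(&b, 2);
    printf("plain: %ld\n", build_arg_types(&a, plain_convert, &t));
    printf("growing: %ld\n", build_arg_types(&b, growing_convert, &t));
    return 0;
}
```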


How to mitigate CVE-2016-2339

Install the update from the vendor's website.
