Ruby is prone to a heap-based buffer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
An attacker can exploit this issue to execute arbitrary code in the context of the application using the affected function. Failed exploit attempts will likely crash the application.
Ruby 2.3.0 dev and 2.2.2 are vulnerable; other versions may also be affected.
Information
Yukihiro Matsumoto Ruby 2.2.2
Ubuntu Ubuntu Linux 17.04
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS
openSUSE Leap 42.2
openSUSE Leap 42.1
Exploit
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
References:
- Ruby Homepage (Ruby)
- Ruby Fiddle::Function.new Heap Overflow Vulnerability (Cisco Talos)