Ruby CVE-2017-14064 Arbitrary Memory Disclosure Vulnerability

Ruby is prone to an arbitrary memory disclosure vulnerability.

Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.

Ruby 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 are vulnerable.

Information

Bugtraq ID: 100890
Class: Design Error
CVE: CVE-2017-14064

Remote: Yes
Local: No
Published: Aug 31 2017 12:00AM
Updated: Oct 09 2017 01:02PM
Credit: ahmadsherif
Vulnerable: Ruby-Lang Ruby 2.4.1
Ruby-Lang Ruby 2.3.4
Ruby-Lang Ruby 2.3
Ruby-Lang Ruby 2.2.7
Ruby-Lang Ruby 2.4.0
Redhat Software Collections for RHEL 0
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5

Not Vulnerable: Ruby-Lang Ruby 2.4.2
Ruby-Lang Ruby 2.3.5
Ruby-Lang Ruby 2.2.8

Exploit

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

References:

• Backport request r58323 (hsbt (Hiroshi SHIBATA))
  
• Ruby 2.2.8 Released (Ruby-Lang)
  
• Ruby 2.3.5 Released (Ruby-Lang)
  
• Ruby 2.4.2 Released (Ruby-Lang)
  
• Ruby Home Page (Yukihiro Matsumoto)
  
• CVE-2017-14064 ruby: Arbitrary heap exposure during a JSON.generate call (Red Hat)
  
• CVE-2017-14064: Heap exposure vulnerability in generating JSON (Ruby-Lang)
  

Source: www.securityfocus.com