CVE-2018-8778: Buffer under-read in String#unpack
There is a buffer under-read vulnerability in
This vulnerability has been assigned the CVE identifier
receives format specifiers as its parameter, and can be specified the position of parsing the data by the specifier
If a big number is passed with
, the number is treated as the negative value, and out-of-buffer read is occurred.
So, if a script accepts an external input as the argument of
, the attacker can read data on heaps.
All users running an affected release should upgrade immediately.
- Ruby 2.2 series: 2.2.9 and earlier
- Ruby 2.3 series: 2.3.6 and earlier
- Ruby 2.4 series: 2.4.3 and earlier
- Ruby 2.5 series: 2.5.0 and earlier
- Ruby 2.6 series: 2.6.0-preview1
- prior to trunk revision r62992
Thanks to aerodudrizzt for reporting the issue.
- Originally published at 2018-03-28 14:00:00 (UTC)
Posted by usa on 28 Mar 2018