Ruby is prone to an arbitrary memory disclosure vulnerability.
Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.
Ruby 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 are vulnerable.
Information
Bugtraq ID: 100890Class: Design Error
CVE: CVE-2017-14064
Remote: Yes
Local: No
Published: Aug 31 2017 12:00AM
Updated: Oct 09 2017 01:02PM
Credit: ahmadsherif
Vulnerable: Ruby-Lang Ruby 2.4.1
Ruby-Lang Ruby 2.3.4
Ruby-Lang Ruby 2.3
Ruby-Lang Ruby 2.2.7
Ruby-Lang Ruby 2.4.0
Redhat Software Collections for RHEL 0
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
Redhat Enterprise Linux 5
Not Vulnerable: Ruby-Lang Ruby 2.4.2
Ruby-Lang Ruby 2.3.5
Ruby-Lang Ruby 2.2.8
Exploit
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
References:
- Backport request r58323 (hsbt (Hiroshi SHIBATA))
- Ruby 2.2.8 Released (Ruby-Lang)
- Ruby 2.3.5 Released (Ruby-Lang)
- Ruby 2.4.2 Released (Ruby-Lang)
- Ruby Home Page (Yukihiro Matsumoto)
- CVE-2017-14064 ruby: Arbitrary heap exposure during a JSON.generate call (Red Hat)
- CVE-2017-14064: Heap exposure vulnerability in generating JSON (Ruby-Lang)