CVE-2016-2339

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.

References

http://www.securityfocus.com/bid/91234

http://www.talosintelligence.com/reports/TALOS-2016-0034/

https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html

Details

Source: MITRE

Published: 2017-01-06

Updated: 2018-07-15

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

View all (11 total)

IDNameProductFamilySeverity
137599SUSE SLES12 Security Update : ruby2.1 (SUSE-SU-2020:1570-1)NessusSuSE Local Security Checks
high
125569EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2019-1617)NessusHuawei Local Security Checks
critical
121666Photon OS 1.0: Ruby PHSA-2017-0002NessusPhotonOS Local Security Checks
critical
111851Photon OS 1.0: Ruby PHSA-2017-0002 (deprecated)NessusPhotonOS Local Security Checks
critical
111081Debian DLA-1421-1 : ruby2.1 security updateNessusDebian Local Security Checks
critical
101974Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities (USN-3365-1)NessusUbuntu Local Security Checks
critical
99896EulerOS 2.0 SP2 : ruby (EulerOS-SA-2017-1051)NessusHuawei Local Security Checks
critical
99895EulerOS 2.0 SP1 : ruby (EulerOS-SA-2017-1050)NessusHuawei Local Security Checks
critical
99753openSUSE Security Update : ruby2.1 (openSUSE-2017-527)NessusSuSE Local Security Checks
critical
99578SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)NessusSuSE Local Security Checks
critical
99208openSUSE Security Update : ruby2.2 / ruby2.3 (openSUSE-2017-435)NessusSuSE Local Security Checks
critical