Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.
2014-11-15T20:59:01.453
2025-04-12T10:46:40.837
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ruby-lang | ruby | ≤ 1.9.3 | Yes |
| Application | ruby-lang | ruby | 2.0 | Yes |
| Application | ruby-lang | ruby | 2.0.0 | Yes |
| Application | ruby-lang | ruby | 2.0.0 | Yes |
| Application | ruby-lang | ruby | 2.0.0 | Yes |
| Application | ruby-lang | ruby | 2.0.0 | Yes |
| Application | ruby-lang | ruby | 2.0.0 | Yes |
| Application | ruby-lang | ruby | 2.0.0 | Yes |
| Application | ruby-lang | ruby | 2.0.0 | Yes |
| Application | ruby-lang | ruby | 2.0.0 | Yes |
| Application | ruby-lang | ruby | 2.1 | Yes |
| Application | ruby-lang | ruby | 2.1 | Yes |
| Application | ruby-lang | ruby | 2.1.1 | Yes |
| Application | ruby-lang | ruby | 2.1.2 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_hpc_node | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_server | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_workstation | 7.0 | Yes |
| Operating System | debian | debian_linux | 7.0 | Yes |
| Operating System | debian | debian_linux | 8.0 | Yes |
| Operating System | canonical | ubuntu_linux | 12.04 | Yes |
| Operating System | canonical | ubuntu_linux | 14.04 | Yes |
| Operating System | canonical | ubuntu_linux | 14.10 | Yes |