Vulnerability Monitor

CVE-2016-2338


An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In start_document, the heap buffer "head" is allocated based on the length of the tags array. A specially constructed object passed as an element of the tags array can increase the size of this array after that allocation and cause a heap overflow.


Published

2022-09-29T03:15:11.470

Last Modified

2024-11-21T02:48:15.353

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Primary
    CWE-787

Affected Vendors & Products
Type              Vendor     Product       Version/Range  Vulnerable?
Application       ruby-lang  ruby          2.2.2          Yes
Application       ruby-lang  ruby          2.3.0          Yes
Operating System  debian     debian_linux  8.0            Yes
