Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-8778

A integer underflow was found in the way String#unpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory.

Source

A integer underflow was found in the way String#unpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory.

Find out more about CVE-2018-8778 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue affects the versions of ruby as shipped with Red Hat CloudForms 4. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

This issue affects the versions of ruby as shipped with Red Hat Subscription Asset Manager 1. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

CVSS v3 metrics

CVSS3 Base Score	4.8
CVSS3 Base Metrics	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
Attack Vector	Network
Attack Complexity	High
Privileges Required	None
User Interaction	None
Scope	Unchanged
Confidentiality	Low
Integrity Impact	None
Availability Impact	Low

Red Hat Security Errata

Platform	Errata	Release Date
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-ruby24-ruby)	RHSA-2018:3730	2018-11-29
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-ruby23-ruby)	RHSA-2018:3729	2018-11-29
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-ruby23-ruby)	RHSA-2018:3729	2018-11-29
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-ruby24-ruby)	RHSA-2018:3730	2018-11-29
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-ruby25-ruby)	RHSA-2018:3731	2018-11-29

Affected Packages State

Platform	Package	State
Red Hat Subscription Asset Manager 1	ruby193-ruby	Will not fix
Red Hat Software Collections for Red Hat Enterprise Linux	rh-ruby22-ruby	Will not fix
Red Hat Enterprise Linux 7	ruby	Affected
Red Hat Enterprise Linux 6	ruby	Will not fix
Red Hat Enterprise Linux 5	ruby	Will not fix

Mitigation

Vulnerable code when String#unpack's argument is attacker controlled.
In the unpack format string argemument, manual sanitization can be done by preventing the number following '@' to overflow to a negative number. See https://dev.to/sqreenio/an-in-depth-look-at-cve-2018-8878-or-why-integer-overflows-are-still-a-thing-1n01 for mitigation details.

External References

https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-8778

Statement

CVSS v3 metrics

Red Hat Security Errata

Affected Packages State

Mitigation

External References

Vulmon Search

About

Products

Connect