Published: 24/03/2016 Updated: 28/03/2018

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.4 | Impact Score: 5.9 | Exploitability Score: 2.5

VMScore: 410

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby prior to 2.0.0-p648, 2.1 prior to 2.1.8, and 2.2 prior to 2.2.4, as distributed in Apple OS X prior to 10.11.4 and other products, mishandles tainting, which allows context-dependent malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x
ruby-lang ruby 2.1.6
ruby-lang ruby 2.1.5
ruby-lang ruby 2.2.0
ruby-lang ruby 2.1.7
ruby-lang ruby
ruby-lang ruby 2.2.2
ruby-lang ruby 2.2.1
ruby-lang ruby 2.1.2
ruby-lang ruby 2.1.1
ruby-lang ruby 2.1.0
ruby-lang ruby 2.2.3
ruby-lang ruby 2.1.4
ruby-lang ruby 2.1.3

Synopsis Important: rh-ruby22-ruby security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for rh-ruby22-ruby is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulne ...

Debian Bug report logs - #796344 CVE-2015-7551 Package: ruby21; Maintainer for ruby21 is Antonio Terceiro <terceiro@debianorg>; Source for ruby21 is src:ruby21 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Fri, 21 Aug 2015 12:36:01 UTC Severity: important Tags: security Found in ...

Several security issues were fixed in Ruby ...

DL::dlopen could open a library with tainted library name even if $SAFE > 0 ...

Checks Ruby and RubyGems against known security vulnerabilities.

RubyAudit RubyAudit checks your current version of Ruby and RubyGems against known security vulnerabilities (CVEs), alerting you if you are using an insecure version It complements bundler-audit, providing complete coverage for your Ruby stack If you use Bundler, you should use both RubyAudit and bundler-audit RubyAudit is based on and leverages bundler-audit, and would no

RubyAudit checks your current version of Ruby and RubyGems against known security vulnerabilities (CVEs), alerting you if you are using an insecure version.

RubyAudit RubyAudit checks your current version of Ruby and RubyGems against known security vulnerabilities (CVEs), alerting you if you are using an insecure version It complements bundler-audit, providing complete coverage for your Ruby stack If you use Bundler, you should use both RubyAudit and bundler-audit RubyAudit is based on and leverages bundler-audit, and would no

poc for CVE-2009-5147

CVE-2009-5147 and CVE-2015-7551 PoC to run it: make foo export FOO=/fooso ruby -v foorb with different versions of ruby you should get different results: vpereira@kimura:~/poc> rvm use 217 vpereira@kimura:~/poc> ruby -v foorb ruby 217p400 (2015-08-18 revision 51632) [x86_64-linux] some trash fom your environment vari

CWE-20 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796551 https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7551.html https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796344 https://support.apple.com/HT206167 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html https://github.com/ruby/ruby/commit/339e11a7f178312d937b7c95dd3115ce7236597a http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/76060 https://puppet.com/security/cve/ruby-dec-2015-security-fixes https://access.redhat.com/errata/RHSA-2018:0583 https://access.redhat.com/errata/RHSA-2018:0583 https://nvd.nist.gov https://usn.ubuntu.com/3365-1/

CVE-2015-7551

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect