A buffer-overrun vulnerability was discovered in the algorithm that converts a String to a Float. It has been assigned the CVE identifier CVE-2022-28739. We strongly recommend upgrading Ruby.
Due to a bug in an internal function that converts a String to a Float, some conversion methods, such as Kernel#Float and String#to_f, could cause a buffer over-read.
A typical consequence is process termination due to a segmentation fault, but in limited circumstances it may be exploitable for an out-of-bounds memory read.
Please update Ruby to 2.6.10, 2.7.6, 3.0.4, or 3.1.2.
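As an added example (not part of the original advisory), the following Ruby snippet checks a version string such as RUBY_VERSION against the fixed releases listed above. The helper name and the handling of series the advisory does not mention are assumptions: 2.5 and earlier were end-of-life in April 2022 and received no fix, so they are reported as unpatched, while 3.2 and later were first released after the fix.

```ruby
require "rubygems" # provides Gem::Version; loaded by default in current Rubies

# Minimum patched release per maintained series, as listed in the advisory.
CVE_2022_28739_FIXED = {
  "2.6" => Gem::Version.new("2.6.10"),
  "2.7" => Gem::Version.new("2.7.6"),
  "3.0" => Gem::Version.new("3.0.4"),
  "3.1" => Gem::Version.new("3.1.2"),
}.freeze

# Returns true when +version_string+ (e.g. RUBY_VERSION) carries the fix.
# Assumption (not stated in the advisory): series older than 2.6 were
# end-of-life and got no fix, so they are reported unpatched; series newer
# than 3.1 were first released after the fix, so they are reported patched.
def cve_2022_28739_patched?(version_string)
  version = Gem::Version.new(version_string)
  series  = Gem::Version.new(version.segments.first(2).join("."))
  fixed   = CVE_2022_28739_FIXED[series.to_s]
  return version >= fixed if fixed

  series > Gem::Version.new("3.1")
end

if __FILE__ == $0
  status = cve_2022_28739_patched?(RUBY_VERSION) ? "patched" : "NOT patched"
  puts "Ruby #{RUBY_VERSION}: #{status} against CVE-2022-28739"
end
```

A version check is only a first pass: distribution packages sometimes backport the fix without changing RUBY_VERSION, so a "NOT patched" result on a vendor-built Ruby should be confirmed against that vendor's changelog before treating the host as exposed.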
Thanks to piao for discovering this issue.
Posted by mame on 12 Apr 2022
https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/