CVE-2022-28739: Buffer overrun in String-to-Float conversion


an...@arko.net

Apr 12, 2022, 9:06:29 AM4/12/22
to ruby-sec...@googlegroups.com

A buffer-overrun vulnerability was discovered in the algorithm that converts a String to a Float. This vulnerability has been assigned the CVE identifier CVE-2022-28739. We strongly recommend upgrading Ruby.

Details

Due to a bug in an internal function that converts a String to a Float, some conversion methods such as Kernel#Float and String#to_f could cause a buffer over-read. The typical consequence is process termination due to a segmentation fault, but in limited circumstances it may be exploitable for an illegal memory read.

Please update Ruby to 2.6.10, 2.7.6, 3.0.4, or 3.1.2.

Affected versions

  • ruby 2.6.9 or prior
  • ruby 2.7.5 or prior
  • ruby 3.0.3 or prior
  • ruby 3.1.1 or prior
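As an added example (not part of the advisory or of Ruby's own code), the following script checks whether a given Ruby version string falls inside the affected ranges listed above, using the fixed releases named in the advisory. It assumes that any release older than the 2.6 series is covered by "2.6.9 or prior", and that branches newer than 3.1 shipped after the fix; both assumptions are marked in the code.

```ruby
# Added example: check a Ruby version string against the fixed releases
# named in the CVE-2022-28739 advisory. Not part of the original advisory.
require "rubygems" # Gem::Version is used for correct numeric comparison

# Fixed release per maintained branch, taken from the advisory text.
FIXED_VERSIONS = {
  "2.6" => "2.6.10",
  "2.7" => "2.7.6",
  "3.0" => "3.0.4",
  "3.1" => "3.1.2",
}.freeze

# Returns true when +version+ (a string such as "3.0.3") is in an affected
# range. Assumptions: releases older than 2.6 are covered by "2.6.9 or
# prior"; branches newer than 3.1 are treated as shipped with the fix.
def affected_by_cve_2022_28739?(version)
  v = Gem::Version.new(version)
  branch = v.segments[0, 2].join(".")   # e.g. "3.0" for "3.0.3"
  if (fixed = FIXED_VERSIONS[branch])
    v < Gem::Version.new(fixed)          # older than the fixed release?
  else
    v < Gem::Version.new("2.6.0")        # anything before the 2.6 series
  end
end

# Human-readable verdict for a version (defaults to the running interpreter).
def report(version = RUBY_VERSION)
  if affected_by_cve_2022_28739?(version)
    "Ruby #{version} is affected by CVE-2022-28739; " \
      "upgrade to one of #{FIXED_VERSIONS.values.join(', ')}"
  else
    "Ruby #{version} is not affected by CVE-2022-28739"
  end
end

puts report if $PROGRAM_NAME == __FILE__
```

Run it under each interpreter you manage (`ruby check.rb`) or pass `report("2.7.5")` from a version inventory; Gem::Version is used instead of string comparison so that "2.6.9" correctly sorts before "2.6.10".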

Credits

Thanks to piao for discovering this issue.

History

  • Originally published at 2022-04-12 12:00:00 (UTC)

Posted by mame on 12 Apr 2022

https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/