ruby-2.0.0.648-39.0.3.el7.AXS7
エラータID: AXSA:2025-10921:03
リリース日:
2025/10/03 Friday - 15:35
題名:
ruby-2.0.0.648-39.0.3.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Ruby の Psych::Emitter の start_document() 関数には、ヒープ
領域の範囲外書き込みの問題があるため、リモートの攻撃者により、
巧妙に細工された tags 配列の処理を介して、情報の漏洩、データ破壊、
およびサービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2016-2338)
- Ruby の Fiddle::Function.new の initialize() 関数には、ヒープ
領域のバッファオーバーフローの問題があるため、ローカルの攻撃者に
より、巧妙に細工された args 配列の処理を介して、情報の漏洩、
データ破壊、およびサービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2016-2339)
- Ruby、および PHP で用いられる Oniguruma には、メモリ領域の
範囲外書き込みの問題があるため、リモートの攻撃者により、メモリ
破壊を可能とする脆弱性が存在します。(CVE-2017-9226)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2017-9226
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.
CVE-2016-2338
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.
CVE-2016-2339
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.
An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- ruby-2.0.0.648-39.0.3.el7.AXS7.x86_64.rpm
MD5: a00f126d924aa744605a07c579c6d38a
SHA-256: 81213e009348f4fa3ab5a579f541e263fc1f27e15904072e03438091e52347c3
Size: 74.29 kB - rubygem-bigdecimal-1.2.0-39.0.3.el7.AXS7.x86_64.rpm
MD5: d19d85e473af4c091be495e31b035aa5
SHA-256: 5e445dc60d2b79d607076ced025afcf6048b4b5695598551c1cf735d4a14bc3d
Size: 86.20 kB - rubygem-io-console-0.4.2-39.0.3.el7.AXS7.x86_64.rpm
MD5: 5ddc35c159cab47c2d93eae11546ba84
SHA-256: 6e5332330fc2910cb550878a77160fe9c7258cf8379efe95c252b5ac0f8de736
Size: 57.24 kB - rubygem-json-1.7.7-39.0.3.el7.AXS7.x86_64.rpm
MD5: 609c9544fb7c54eeaf52197cb4317abb
SHA-256: c640e62cef80a077606530150640a1a22f969e1ae7e83dd7e6d71e2be159d2fb
Size: 82.78 kB - rubygem-psych-2.0.0-39.0.3.el7.AXS7.x86_64.rpm
MD5: 26c6c2539f30411358e14595390515f5
SHA-256: ee03ef500a9f40b0fa6aedbe9994ec8ed9354b9ec2c99a53cea5f626f5ee6eeb
Size: 85.75 kB - rubygem-rdoc-4.0.0-39.0.3.el7.AXS7.noarch.rpm
MD5: b979a5beb3ca692dd40bd9af618aba4d
SHA-256: 58494b0b63e13dbd493cc5d08610b2440c0225562640c29071b90c9af4304d69
Size: 325.07 kB - rubygems-2.0.14.1-39.0.3.el7.AXS7.noarch.rpm
MD5: b678f015a7e4729249f20b7c44190afd
SHA-256: 364274e6d9fb20fed63ebafe5cf0b762003cca9d2c1c5024130a4904686e054c
Size: 216.70 kB - ruby-irb-2.0.0.648-39.0.3.el7.AXS7.noarch.rpm
MD5: ee3a57773f8f076e5de858b532454c90
SHA-256: f1d9b17a35e627522089865fee29b5dd9ea2aef1c9fe484846d594f329c081cb
Size: 95.34 kB - ruby-libs-2.0.0.648-39.0.3.el7.AXS7.i686.rpm
MD5: 68936c98fc1f7fa04414188a08cc33cc
SHA-256: c2d68e61598b05f6bc0653b39132d42906e29b3e6921f4049483dec1e0754d45
Size: 2.84 MB - ruby-libs-2.0.0.648-39.0.3.el7.AXS7.x86_64.rpm
MD5: 06d65aa29c41bdd7a22681e90183ac60
SHA-256: f4c1c10a0ee0e56b4941f41a02dd2cf5980790a1b41d5ed301f261d2985c5a05
Size: 2.80 MB
English