// For flags

CVE-2008-2376

ruby: integer overflows in rb_ary_fill() / Array#fill

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.

Desbordamiento de entero en la función rb_ary_fill en array.c en Ruby antes de la revisión 17756 que permite a los atacantes dependientes de contesto causar una denegación de servicios (caída) o posiblemente otro impacto no especificado a través de la llamada al método Arrray#fill con un argumento de entrada (alias beg) mayor que ARY_MAX_SIZE NOTA: esto existe por un parche incompleto para otros desbordamientos de enteros

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-05-21 CVE Reserved
  • 2008-07-09 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-189: Numeric Errors
  • CWE-190: Integer Overflow or Wraparound
CAPEC
References (30)
URL Tag Source
http://secunia.com/advisories/31006 Third Party Advisory
http://secunia.com/advisories/31062 Third Party Advisory
http://secunia.com/advisories/31090 Third Party Advisory
http://secunia.com/advisories/31181 Third Party Advisory
http://secunia.com/advisories/31256 Third Party Advisory
http://secunia.com/advisories/32219 Third Party Advisory
http://secunia.com/advisories/33178 Third Party Advisory
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756 X_refsource_confirm
http://wiki.rpath.com/Advisories:rPSA-2008-0218 X_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218 X_refsource_confirm
http://www.openwall.com/lists/oss-security/2008/07/02/3 Mailing List
http://www.securityfocus.com/archive/1/494104/100/0/threaded Mailing List
http://www.us-cert.gov/cas/techalerts/TA08-260A.html Third Party Advisory
http://www.vupen.com/english/advisories/2008/2584 Vdb Entry
https://issues.rpath.com/browse/RPL-2639 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863 Signature
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html 2023-11-07
http://secunia.com/advisories/30927 2023-11-07
http://security.gentoo.org/glsa/glsa-200812-17.xml 2023-11-07
http://www.debian.org/security/2008/dsa-1612 2023-11-07
http://www.debian.org/security/2008/dsa-1618 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2008:140 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2008:141 2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2008:142 2023-11-07
http://www.redhat.com/support/errata/RHSA-2008-0561.html 2023-11-07
https://usn.ubuntu.com/651-1 2023-11-07
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html 2023-11-07
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html 2023-11-07
https://access.redhat.com/security/cve/CVE-2008-2376 2008-07-14
https://bugzilla.redhat.com/show_bug.cgi?id=453589 2008-07-14
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ruby-lang
Search vendor "Ruby-lang"
 Ruby
Search vendor "Ruby-lang" for product "Ruby"
 1.8.6.230
Search vendor "Ruby-lang" for product "Ruby" and version "1.8.6.230"
-
Affected
in Redhat
Search vendor "Redhat"
 Fedora 8
Search vendor "Redhat" for product "Fedora 8"
 1.8.6.230
Search vendor "Redhat" for product "Fedora 8" and version "1.8.6.230"
-
Safe