An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.
References
Link | Resource |
---|---|
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5/ | |
https://security.netapp.com/advisory/ntap-20200625-0001/ | Third Party Advisory |
https://www.debian.org/security/2020/dsa-4721 | Third Party Advisory |
https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/ | Exploit Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
03 May 2022, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-908 | |
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* |
|
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4721 - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200625-0001/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4TNVTT66VPRMX5UZYSDGSVRXKKDDDU5/ - Mailing List, Third Party Advisory |
Information
Published : 2020-05-04 15:15
Updated : 2024-02-04 21:00
NVD link : CVE-2020-10933
Mitre link : CVE-2020-10933
CVE.ORG link : CVE-2020-10933
JSON object : View
Products Affected
fedoraproject
- fedora
ruby-lang
- ruby
debian
- debian_linux
linux
- linux_kernel
CWE
CWE-908
Use of Uninitialized Resource