Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 14 Aug 2008 18:45:52 -0400 (EDT)
From: "Steven M. Christey" <>
To: "Steven M. Christey" <>
Subject: Re: CVE id requests: ruby

Note the following DoS in the regular expression engine, which smells like
a NULL pointer dereference.  This appears to have been fixed in the latest
release.  A *likely* (but not provable) changelog entry for the fix is:
"regex.c (DOUBLE_STACK, re_compile_fastmap0, re_adjust_startpos),
(re_search, re_match_exec): check if failed to allocate memory."

- Steve

Name: CVE-2008-3443
Status: Candidate
Reference: MILW0RM:6239
Reference: URL:

The regular expression engine (regex.c) in Ruby 1.8.5 and earlier,
1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through
r18423 allows remote attackers to cause a denial of service (infinite
loop and crash) via multiple long requests to a Ruby socket, related
to memory allocation failure, and as demonstrated against Webrick.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.