Candidate: CVE-2016-2338
PublicDate: 2016-06-14
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2338
 http://www.talosintelligence.com/reports/TALOS-2016-0032/
Description:
 An exploitable heap overflow vulnerability exists in the Psych::Emitter
 start_document function of Ruby. In Psych::Emitter start_document function
 heap buffer "head" allocation is made based on tags array length. Specially
 constructed object passed as element of tags array can increase this array
 size after mentioned allocation and cause heap overflow.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_ruby1.9.1:
upstream_ruby1.9.1: needs-triage
precise/esm_ruby1.9.1: DNE
trusty_ruby1.9.1: ignored (out of standard support)
trusty/esm_ruby1.9.1: DNE
xenial_ruby1.9.1: DNE
bionic_ruby1.9.1: DNE
eoan_ruby1.9.1: DNE
devel_ruby1.9.1: DNE

Patches_ruby2.0:
upstream_ruby2.0: needs-triage
precise/esm_ruby2.0: DNE
trusty_ruby2.0: ignored (out of standard support)
trusty/esm_ruby2.0: DNE
xenial_ruby2.0: DNE
bionic_ruby2.0: DNE
eoan_ruby2.0: DNE
devel_ruby2.0: DNE

Patches_ruby2.3:
 upstream: https://git.ruby-lang.org/ruby.git/commit/?id=db48c307944a9a18877236bdf9e9b778875f38ed
upstream_ruby2.3: needs-triage
precise/esm_ruby2.3: DNE
trusty_ruby2.3: DNE
trusty/esm_ruby2.3: DNE
xenial_ruby2.3: not-affected (2.3.1-2~ubuntu16.04.14)
esm-infra/xenial_ruby2.3: not-affected (2.3.1-2~ubuntu16.04.14)
bionic_ruby2.3: DNE
eoan_ruby2.3: DNE
devel_ruby2.3: DNE

Patches_ruby2.5:
 upstream: https://git.ruby-lang.org/ruby.git/commit/?id=db48c307944a9a18877236bdf9e9b778875f38ed
upstream_ruby2.5: needs-triage
precise/esm_ruby2.5: DNE
trusty_ruby2.5: DNE
trusty/esm_ruby2.5: DNE
xenial_ruby2.5: DNE
bionic_ruby2.5: not-affected (2.5.1-1ubuntu1.6)
eoan_ruby2.5: not-affected (2.5.5-4ubuntu2.1)
devel_ruby2.5: not-affected (2.5.7-1ubuntu3)

Patches_ruby2.7:
upstream_ruby2.7: needs-triage
precise/esm_ruby2.7: DNE
trusty_ruby2.7: DNE
trusty/esm_ruby2.7: DNE
xenial_ruby2.7: DNE
bionic_ruby2.7: DNE
eoan_ruby2.7: DNE
devel_ruby2.7: not-affected (2.7.0-4)

Patches_ruby-psych:
upstream_ruby-psych: needs-triage
precise/esm_ruby-psych: DNE
trusty_ruby-psych: ignored (out of standard support)
trusty/esm_ruby-psych: DNE
xenial_ruby-psych: DNE
bionic_ruby-psych: not-affected (2.2.4-6build4)
eoan_ruby-psych: not-affected (3.1.0-1build6)
devel_ruby-psych: not-affected (3.1.0+really3.1.0-1)