CVE ID: CVE-2022-24795
Exploitation status: none known
Patch status: N/A
Disclosure date: 2022-04-06

Vulnerability description
yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at `yajl_buf.c#L64` may result in the `need` 32-bit integer wrapping to 0 when `need` approaches a value of 0x80000000 (i.e. ~2GB of data), which results in a reallocation of buf->alloc into a small heap chunk. These integers are declared as `size_t` in the 2.x branch of `yajl`, which practically prevents the issue from triggering on 64-bit platforms; however, this does not preclude the issue triggering on 32-bit builds, on which `size_t` is a 32-bit integer. Subsequent population of this under-allocated heap chunk is based on the original buffer size, leading to heap memory corruption. This vulnerability mostly impacts process availability. Maintainers believe exploitation for arbitrary code execution is unlikely. A patch is available and anticipated to be part of yajl-ruby version 1.4.2. As a workaround, avoid passing large inputs to YAJL.

Remediation advice

Update the affected system or software to the latest version to fix this vulnerability (yajl-ruby 1.4.2 or later, or the fixed distribution package listed below). Until then, cap the size of JSON inputs handed to YAJL, especially on 32-bit builds, where the wrap can be reached.
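The wrap described above, as an added example that is not yajl's own code: a model of a doubling-growth buffer whose size field is 32 bits, as it behaves on a 32-bit build, next to a checked version that refuses to double past what the type can hold. The function names `grow_vulnerable`, `grow_checked` and `overflow_bytes`, and the sample sizes in `main`, are assumptions made for this example; it models only the size arithmetic and never allocates memory.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added example for CVE-2022-24795: a model of the doubling-growth logic
 * with a 32-bit size, as on a 32-bit build. Illustrative code, not the
 * yajl source; function names and sample sizes are assumptions.
 */

/* Vulnerable growth: keep doubling `need` until `want` more bytes fit.
 * With a 32-bit size, 0x80000000 << 1 is 0, so the loop hands back a
 * zero-length allocation for a buffer that already holds ~2 GB. */
uint32_t grow_vulnerable(uint32_t len, uint32_t used, uint32_t want)
{
    uint32_t need = len;
    while (want >= need - used)   /* unsigned on both sides: wraps, never negative */
        need <<= 1;
    return need;
}

/* Hardened growth: refuse to double past the widest representable size.
 * Returns false (and leaves *out untouched) when the request cannot be met,
 * so the caller can fail the parse instead of corrupting the heap. */
bool grow_checked(uint32_t len, uint32_t used, uint32_t want, uint32_t *out)
{
    uint32_t need = len;
    if (need == 0 || used > need)
        return false;                 /* inconsistent state; never loop on it */
    while (want >= need - used) {
        if (need > UINT32_MAX / 2)    /* the next doubling would wrap to 0 */
            return false;
        need <<= 1;
    }
    *out = need;
    return true;
}

/* Bytes that the caller's subsequent write of `want` bytes at offset `used`
 * would land past the end of an allocation of `new_len` bytes; 0 means the
 * write is in bounds. 64-bit arithmetic so the model itself cannot wrap. */
uint64_t overflow_bytes(uint32_t new_len, uint32_t used, uint32_t want)
{
    uint64_t end = (uint64_t)used + want;
    return end > new_len ? end - new_len : 0;
}

int main(void)
{
    /* Constructed inputs: a buffer grown to 2 GB (0x80000000) with
     * 0x7FFFFFF0 bytes used, asked to make room for 32 more. */
    uint32_t len = 0x80000000u, used = 0x7FFFFFF0u, want = 32;
    uint32_t n = grow_vulnerable(len, used, want);
    printf("vulnerable: realloc to %u bytes, write overruns by %llu bytes\n",
           n, (unsigned long long)overflow_bytes(n, used, want));

    uint32_t out = 0;
    if (!grow_checked(len, used, want, &out))
        printf("checked: growth refused, caller must fail the parse\n");

    /* Ordinary case: a 2 KiB buffer with 100 bytes used, asked for 3000 more. */
    if (grow_checked(2048, 100, 3000, &out))
        printf("checked: 2048 -> %u bytes\n", out);
    return 0;
}
```

On the constructed input the vulnerable path returns a size of 0, and the write that follows would run roughly 2 GB past the end of that chunk, which is the "under-allocated heap chunk" the advisory describes. The checked version returns false for the same input and agrees with the vulnerable one (4096) on the ordinary case, so it changes nothing below the 2 GB boundary.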
References

- https://github.com/brianmario/yajl-ruby/blob/7168bd79b888900aa94523301126f968...
- https://github.com/brianmario/yajl-ruby/commit/7168bd79b888900aa94523301126f9...
- https://github.com/brianmario/yajl-ruby/security/advisories/GHSA-jj47-x69x-mxrm
Affected software

| Type | Vendor / Environment | Product | Version | Affected range |
|---|---|---|---|---|
| Application | yajl-ruby_project | yajl-ruby | * | Up to (excluding) 1.4.2 |
| System | debian_10 | ruby-yajl | * | Up to (excluding) 1.3.1-1 |
| System | debian_11 | ruby-yajl | * | Up to (excluding) 1.4.1-1 |
| System | debian_12 | ruby-yajl | * | Up to (excluding) 1.4.1-1 |
| System | debian_9 | ruby-yajl | * | Up to (excluding) 1.2.0-3 |
| System | debian_sid | ruby-yajl | * | Up to (excluding) 1.4.1-1 |
| System | fedora_EPEL_7 | ruby-yajl | * | Up to (excluding) 1.3.5-7.el7 |
CVSS base metrics

- Attack vector: Network
- Attack complexity: Low
- Privileges required: None
- Scope: Unchanged
- User interaction: None
- Availability impact: High
- Confidentiality impact: None
- Integrity impact: None