Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1617)

Published: 2020-01-23 12:17:30
CVE Author: NIST National Vulnerability Database

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Summary:
The remote host is missing an update for the Huawei EulerOS 'ruby' Linux Distribution Package(s) announced via the EulerOS-SA-2019-1617 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations. (CVE-2018-16395)

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats. (CVE-2018-16396)

An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur. (CVE-2019-8322)

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. (CVE-2019-8323)

An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code into the stub line of the gemspec, which is eval-ed by code in ensure_loadable_spec during the preinstall check. (CVE-2019-8324)

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.) (CVE-2019-8325)
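
As an added example (not part of the advisory or of Ruby's own code), the following Ruby script shows a byte-exact way to compare two OpenSSL::X509::Name values by their DER encoding, and uses the two name shapes the CVE-2018-16395 text describes as probes to check whether the interpreter's own == disagrees with that comparison. The helper names and the sample CN values are assumptions constructed for the example.

```ruby
require 'openssl'

# Build an X.509 Name from [attribute, value] pairs,
# e.g. [["CN", "example.com"], ["O", "Example"]]. Helper name is assumed.
def x509_name(pairs)
  OpenSSL::X509::Name.new(pairs)
end

# Byte-exact comparison via DER encoding. This does not go through
# OpenSSL::X509::Name#== / #<=>, whose comparison is what CVE-2018-16395
# describes as returning true for non-equal names on unpatched Ruby.
# Two names with identical DER bytes are the same name.
def same_x509_name?(a, b)
  a.to_der == b.to_der
end

# The two shapes the advisory text describes: (1) the first name's value
# is one character longer than the second's; (2) the second name has a
# character one less than the first's at the same position ("m" -> "l").
# Constructed sample values, not taken from any real certificate.
PROBE_PAIRS = [
  [x509_name([["CN", "example.comX"]]), x509_name([["CN", "example.com"]])],
  [x509_name([["CN", "example.com"]]),  x509_name([["CN", "example.col"]])]
].freeze

# Self-check for the interpreter this runs under: returns the probe pairs
# for which the library's own == disagrees with the byte-exact comparison.
# A non-empty result means the == behaviour named in the advisory is
# observable here and the ruby/openssl packages need the vendor update.
def x509_name_eq_discrepancies
  PROBE_PAIRS.reject { |a, b| (a == b) == same_x509_name?(a, b) }
end

if __FILE__ == $PROGRAM_NAME
  bad = x509_name_eq_discrepancies
  if bad.empty?
    puts 'OpenSSL::X509::Name#== agrees with DER comparison on all probes'
  else
    bad.each { |a, b| puts "== reports equal but DER differs: #{a} vs #{b}" }
  end
end
```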

Affected Versions:
'ruby' Linux Distribution Package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.

Recommendations:
Please install the updated Linux Distribution Package(s).

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2018-16395
https://nvd.nist.gov/vuln/detail/CVE-2018-16396
https://nvd.nist.gov/vuln/detail/CVE-2019-8322
https://nvd.nist.gov/vuln/detail/CVE-2019-8323
https://nvd.nist.gov/vuln/detail/CVE-2019-8324
https://nvd.nist.gov/vuln/detail/CVE-2019-8325

CVE Analysis

https://www.mageni.net/cve/CVE-2018-16395
https://www.mageni.net/cve/CVE-2018-16396
https://www.mageni.net/cve/CVE-2019-8322
https://www.mageni.net/cve/CVE-2019-8323
https://www.mageni.net/cve/CVE-2019-8324
https://www.mageni.net/cve/CVE-2019-8325

References:

https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1617

Severity:
High

CVSS Score:
7.5

Published:
2020-01-23

Modified:
2020-01-23

Category:
Huawei EulerOS Local Security Checks
