CVE-2024-27280

A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Debian logo
Debian Releases
Debian Product
Codename
ruby2.7
bullseye
vulnerable
bullseye (security)
2.7.4-1+deb11u5
fixed
ruby3.1
bookworm
3.1.2-7+deb12u1
fixed
bookworm (security)
3.1.2-7+deb12u1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ruby2.3
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
dne
xenial
needs-triage
ruby2.5
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
dne
bionic
needs-triage
ruby2.7
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
dne
focal
Fixed 2.7.0-5ubuntu1.14
released
ruby3.0
plucky
dne
oracular
dne
noble
dne
mantic
dne
jammy
Fixed 3.0.2-7ubuntu2.7
released
focal
dne
ruby3.1
plucky
dne
oracular
dne
noble
dne
mantic
Fixed 3.1.2-7ubuntu3.3
released
jammy
dne
focal
dne
ruby3.2
plucky
dne
oracular
dne
noble
not-affected
mantic
dne
jammy
dne
focal
dne
bionic
dne
xenial
dne
trusty
dne
Common Weakness Enumeration
References
https://hackerone.com/reports/1399856
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
https://hackerone.com/reports/1399856
https://security.netapp.com/advisory/ntap-20250502-0003/
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/