critical
9.8
Advisory Published
CVE Published
CVE Published
Advisory Published
Updated

CVE-2018-16395

First published: Thu Oct 25 2018(Updated: )

An instance of OpenSSL::X509::Name contains entities such as CN, C and so on. Some two instances of OpenSSL::X509::Name are equal only when all entities are exactly equal. However, there is a bug that the equality check is not correct if the value of an entity of the argument (right-hand side) starts with the value of the receiver (left-hand side). So, if a malicious X.509 certificate is passed to compare with an existing certificate, there is a possibility to be judged incorrectly that they are equal. External References: <a href="https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/">https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/</a>

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
rubygems/openssl>=2.1.0<2.1.2
2.1.2
rubygems/openssl<2.0.9
2.0.9
Ruby-lang Openssl<2.1.2
Ruby-lang Ruby>=2.3.0<=2.3.7
Ruby-lang Ruby>=2.4.0<=2.4.4
Ruby-lang Ruby>=2.5.0<=2.5.1
Ruby-lang Ruby=2.6.0-preview1
Ruby-lang Ruby=2.6.0-preview2
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Redhat Enterprise Linux=7.4
ubuntu/ruby1.9.1<1.9.3.484-2ubuntu1.13
1.9.3.484-2ubuntu1.13
ubuntu/ruby2.0<2.0.0.484-1ubuntu2.11
2.0.0.484-1ubuntu2.11
ubuntu/ruby2.3<2.3.1-2~16.04.11
2.3.1-2~16.04.11
ubuntu/ruby2.5<2.5.1-1ubuntu1.1
2.5.1-1ubuntu1.1
ubuntu/ruby2.5<2.5.1-5ubuntu4.1
2.5.1-5ubuntu4.1
ubuntu/ruby2.5<2.5.1-6ubuntu3
2.5.1-6ubuntu3
ubuntu/ruby2.5<2.5.1-6ubuntu3
2.5.1-6ubuntu3
debian/ruby-openssl
debian/ruby2.1
debian/ruby2.5

Remedy

https://hackerone.com/reports/387250

Remedy

https://github.com/ruby/openssl/commit/f653cfa43f0f20e8c440122ea982382b6228e7f5

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is CVE-2018-16395?

    CVE-2018-16395 is a vulnerability in the OpenSSL library in Ruby that allows non-equal objects to return true when compared using certain conditions.

  • What is the severity of CVE-2018-16395?

    CVE-2018-16395 has a severity rating of 9.8, which is considered critical.

  • Which software versions are affected by CVE-2018-16395?

    CVE-2018-16395 affects Ruby versions before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3.

  • How can I fix CVE-2018-16395?

    To fix CVE-2018-16395, update your Ruby installation to version 2.3.8 or later.

  • Where can I find more information about CVE-2018-16395?

    You can find more information about CVE-2018-16395 in the references provided: [Debian LTS announce](https://lists.debian.org/debian-lts-announce/2018/10/msg00020.html), [HackerOne report](https://hackerone.com/reports/387250), [Ruby-lang.org news](https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/).

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203