GitHub_MVULNRICHMENT:CVE-2024-26146CVE-2024-26146 Possible Denial of Service Vulnerability in Rack Header Parsing
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ruby 3.2 or newer are unaffected. This vulnerability is fixed in 2.0.9.4, 2.1.4.4, 2.2.8.1, and 3.0.9.1.
CNA Affected
[
{
"vendor": "rack",
"product": "rack",
"versions": [
{
"status": "affected",
"version": ">= 3.0.0, < 3.0.9.1"
},
{
"status": "affected",
"version": ">= 2.2.0, < 2.2.8.1"
},
{
"status": "affected",
"version": ">= 2.1.0, < 2.1.4.4"
},
{
"status": "affected",
"version": "< 2.0.9.4"
}
]
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:rack_project:rack:2.2.0:*:*:*:*:ruby:*:*",
"cpe:2.3:a:rack_project:rack:2.1.0:*:*:*:*:ruby:*:*",
"cpe:2.3:a:rack_project:rack:3.0.0:-:*:*:*:ruby:*:*"
],
"vendor": "rack_project",
"product": "rack",
"versions": [
{
"status": "affected",
"version": "2.1.0",
"lessThan": "2.1.4.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "2.2.0",
"lessThan": "2.2.8.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "3.0.0",
"lessThan": "3.0.9.1",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:rack_project:rack:*:*:*:*:*:ruby:*:*"
],
"vendor": "rack_project",
"product": "rack",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "2.0.9.4",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]References
discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942
github.com/rack/rack/commit/30b8e39a578b25d4bdcc082c1c52c6f164b59716
github.com/rack/rack/commit/6c5d90bdcec0949f7ba06db62fb740dab394b582
github.com/rack/rack/commit/a227cd793778c7c3a827d32808058571569cda6f
github.com/rack/rack/commit/e4c117749ba24a66f8ec5a08eddf68deeb425ccd
github.com/rack/rack/security/advisories/GHSA-54rr-7fvw-6x8f
github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26146.yml
lists.debian.org/debian-lts-announce/2024/04/msg00022.html
security.netapp.com/advisory/ntap-20240510-0006/
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial