Bug 939860 (CVE-2009-5147) - VUL-1: CVE-2009-5147: ruby19,ruby,ruby2.1: DL::dlopen could open a library with tainted library name even if $SAFE > 0
Summary: VUL-1: CVE-2009-5147: ruby19,ruby,ruby2.1: DL::dlopen could open a library wi...
Status: RESOLVED FIXED
Alias: CVE-2009-5147
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Minor
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/119297/
Whiteboard: CVSSv2:SUSE:CVE-2009-5147:2.6:(AV:N/A...
Keywords:
Depends on:
Blocks:
 
Reported: 2015-07-29 12:06 UTC by Johannes Segitz
Modified: 2024-05-07 14:35 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
vpereira: needinfo? (mrueckert)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2015-07-29 12:06:44 UTC 
* DL::dlopen could open a library with tainted library name even if
$SAFE > 0
https://github.com/ruby/ruby/commit/4600cf725a86ce31266153647ae5aa1197b1215b

CVE-2009-5147.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-5147
http://seclists.org/oss-sec/2015/q3/222
Comment 2 Swamp Workflow Management 2015-07-29 21:59:22 UTC 
bugbot adjusting priority
Comment 7 Swamp Workflow Management 2015-11-02 16:33:17 UTC 
SUSE-SU-2015:1889-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 926974,939860
CVE References: CVE-2009-5147,CVE-2015-1855
Sources used:
SUSE Studio Onsite 1.3 (src):    ruby19-1.9.3.p392-0.23.1
Comment 8 SMASH SMASH 2015-12-17 11:00:26 UTC 
An update workflow for this issue was started.

This issue was rated as "low".
Please submit fixed packages until "Dec. 24, 2015".

When done, reassign the bug to "security-team@suse.de".
/update/121177/.
Comment 9 Jordi Massaguer 2015-12-30 09:54:43 UTC 
I am not the maintainer for the other ruby versions other than 1.9 (AFAIK). ruby19 had been fixed long ago.

Assigning to darix as he is the maintainer/bugowner according to osc.

@darix: sorry I hadn't realized you were not on cc nor the assignee.
Comment 10 Marcus Rückert 2017-03-10 16:00:38 UTC 
This is fixed in all branches now.
Comment 12 Victor Pereira 2017-03-14 09:07:42 UTC 
I came up with a POC https://github.com/vpereira/CVE-2009-5147
Comment 13 Thomas Leroy 2024-05-07 14:35:21 UTC 
All done, closing.