CVE-2022-24795Heap-based Buffer Overflow in Project Yajl-ruby

CWE-122Heap-based Buffer OverflowCWE-190Integer Overflow or WraparoundCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer11 documents7 sources
Severity
7.5HIGHNVD
EPSS
1.4%
top 19.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
19
Burp Project BurpYajl-ruby Project Yajl-rubyDebian Burp+16 more
Timeline
PublishedApr 5
Latest updateDec 14

Description

yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at `yajl_buf.c#L64` may result in the `need` 32bit integer wrapping to 0 when `need` approaches a value of 0x80000000 (i.e. ~2GB of data), which results in a reallocation of buf->alloc into a small heap chunk. These integers are declared as `s

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages20 packages

debiandebian/ruby-yajl< burp 3.1.4-2 (forky)
RubyGemsyajl-ruby_project/yajl-ruby< 1.4.3
CVEListV5brianmario/yajl-ruby1.4.1

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

5
OSV
yajl vulnerabilities2023-12-14
OSV
yajl vulnerabilities2023-07-18
GHSA
Buffer Overflow in yajl-ruby2022-04-05
OSV
Buffer Overflow in yajl-ruby2022-04-05
OSV
CVE-2022-24795: yajl-ruby is a C binding to the YAJL JSON parsing and generation library2022-04-05

📋Vendor Advisories

5
Ubuntu
YAJL vulnerabilities2023-12-14
Ubuntu
YAJL vulnerabilities2023-07-18
Microsoft
Buffer Overflow and Integer Overflow in yajl-ruby2022-04-12
Red Hat
yajl: heap-based buffer overflow when handling large inputs due to an integer overflow2022-04-05
Debian
CVE-2022-24795: burp - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1....2022
CVE-2022-24795 — Heap-based Buffer Overflow | cvebase