CVE-2024-27280: Classic Buffer Overflow in ruby2.7

Severity: 9.8 CRITICAL (NVD)
EPSS: 6.5% (top 8.84%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published May 14; latest update Sep 15

Description

A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (5 packages)

Debian: debian/ruby2.7 < ruby2.7 2.7.4-1+deb11u2 (bullseye)
Debian: debian/ruby3.1 < ruby2.7 2.7.4-1+deb11u2 (bullseye)
Apple: apple/macos_sonoma 14.8

Vulnerability Details (4)

OSV: ruby2.5, ruby2.7, ruby3.0, ruby3.2, ruby3.3 vulnerabilities (2025-09-03)
OSV: CVE-2024-27280: A buffer-overread issue was discovered in StringIO 3 (2024-05-14)
OSV: StringIO buffer overread vulnerability (2024-03-25)
GHSA: StringIO buffer overread vulnerability (2024-03-25)

Vendor Advisories (8)

Apple: CVE-2024-27280: macOS Sequoia 15.7 (2025-09-15)
Apple: CVE-2024-27280: macOS Sonoma 14.8 (2025-09-15)
Apple: CVE-2024-27280: macOS Tahoe 26 (2025-09-15)
Ubuntu: Ruby vulnerabilities (2025-09-03)
Oracle: Oracle JD Edwards Risk Matrix: E1 Dev Platform Tech - Cloud (Ruby) — CVE-2024-27280 (2025-01-15)