CVE-2024-26141 - OpenCVE

Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

No data.

No data.

References

Link	Resource
https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944
https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9
https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b
https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml
https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html
https://security.netapp.com/advisory/ntap-20240510-0007/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-02-28T23:28:10.503Z

Updated: 2024-02-28T23:28:10.503Z

Reserved: 2024-02-14T17:40:03.688Z

Link: CVE-2024-26141

JSON object: View

NVD Information

Status : Awaiting Analysis

Published: 2024-02-29T00:15:51.403

Modified: 2024-06-10T17:16:22.443

Link: CVE-2024-26141

JSON object: View

Redhat Information

No data.

CWE

CWE-400

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26141", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-02-14T17:40:03.688Z", "datePublished": "2024-02-28T23:28:10.503Z", "dateUpdated": "2024-02-28T23:28:10.503Z"}, "containers": {"cna": {"title": "Possible DoS Vulnerability with Range Header in Rack", "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "lang": "en", "description": "CWE-400: Uncontrolled Resource Consumption", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6"}, {"name": "https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9", "tags": ["x_refsource_MISC"], "url": "https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9"}, {"name": "https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b", "tags": ["x_refsource_MISC"], "url": "https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b"}, {"name": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944", "tags": ["x_refsource_MISC"], "url": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944"}, {"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml", "tags": ["x_refsource_MISC"], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html"}, {"url": "https://security.netapp.com/advisory/ntap-20240510-0007/"}], "affected": [{"vendor": "rack", "product": "rack", "versions": [{"version": ">= 3.0.0, < 3.0.9.1", "status": "affected"}, {"version": ">= 1.3.0, < 2.2.8.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-28T23:28:10.503Z"}, "descriptions": [{"lang": "en", "value": "Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1."}], "source": {"advisory": "GHSA-xj5v-6v4g-jfw6", "discovery": "UNKNOWN"}}}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1."}, {"lang": "es", "value": "Rack es una interfaz modular de servidor web Ruby. Los encabezados de rango cuidadosamente elaborados pueden hacer que un servidor responda con una respuesta inesperadamente grande. Responder con respuestas tan amplias podr\u00eda dar lugar a un problema de denegaci\u00f3n de servicio. Las aplicaciones vulnerables utilizar\u00e1n el middleware `Rack::File` o los m\u00e9todos `Rack::Utils.byte_ranges` (esto incluye aplicaciones Rails). La vulnerabilidad se solucion\u00f3 en 3.0.9.1 y 2.2.8.1."}], "id": "CVE-2024-26141", "lastModified": "2024-06-10T17:16:22.443", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-02-29T00:15:51.403", "references": [{"source": "security-advisories@github.com", "url": "https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944"}, {"source": "security-advisories@github.com", "url": "https://github.com/rack/rack/commit/4849132bef471adb21131980df745f4bb84de2d9"}, {"source": "security-advisories@github.com", "url": "https://github.com/rack/rack/commit/62457686b26d33a15a254c7768c2076e8e02b48b"}, {"source": "security-advisories@github.com", "url": "https://github.com/rack/rack/security/advisories/GHSA-xj5v-6v4g-jfw6"}, {"source": "security-advisories@github.com", "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2024-26141.yml"}, {"source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00022.html"}, {"source": "security-advisories@github.com", "url": "https://security.netapp.com/advisory/ntap-20240510-0007/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "security-advisories@github.com", "type": "Secondary"}]}