{"id":"CVE-2016-2339","details":"An exploitable heap overflow vulnerability exists in the Fiddle::Function.new \"initialize\" function functionality of Ruby. In Fiddle::Function.new \"initialize\" heap buffer \"arg_types\" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.","modified":"2026-04-16T06:18:16.105092936Z","published":"2017-01-06T21:59:00.493Z","related":["SUSE-SU-2017:0914-1","SUSE-SU-2017:1067-1","SUSE-SU-2020:1570-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/91234"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"},{"type":"EVIDENCE","url":"http://www.talosintelligence.com/reports/TALOS-2016-0034/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ruby/ruby","events":[{"introduced":"0"},{"last_affected":"a9721a259665149b1b9ff0beabcf5f8dc0136120"},{"introduced":"0"},{"last_affected":"d40ea2afa6ff5a6e5befcf342fb7b6dc58796b20"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.2.2"},{"introduced":"0"},{"last_affected":"2.3.0"}]}}],"versions":["v1_0_r2","v2_2_0_rc1","v2_2_2","v2_3_0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2339.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}