---
engine: ruby
cve: 2020-10933
url: https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/
title: Heap exposure vulnerability in the socket library
date: 2020-03-31
description: |
  A heap exposure vulnerability was discovered in the socket library. This
  vulnerability has been assigned the CVE identifier CVE-2020-10933. We
  strongly recommend upgrading Ruby.

  When `BasicSocket#recv_nonblock` and `BasicSocket#read_nonblock` are invoked
  with size and buffer arguments, they first resize the buffer to the
  specified size. In cases where the operation would block, they return without
  copying any data into it. The buffer string therefore contains arbitrary
  data from the heap, which may expose sensitive data from the interpreter.

  This issue is exploitable only on Linux.

  This issue has existed since Ruby 2.5.0; the 2.4 series is not vulnerable.
patched_versions:
  - "~> 2.5.8"
  - "~> 2.6.6"
  - ">= 2.7.1"
unaffected_versions:
  - "~> 2.4.0"