
CVE-2017-16229: Ox gem stack overflow in sax_parse

CVSS Score (v3.0): 5.5

Basic Information

EPSS Score: 0.38332%
Published: 3/5/2018
Updated: 8/29/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Package Name   Ecosystem   Vulnerable Versions   First Patched Version
ox             rubygems    < 2.8.2               2.8.2

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability description explicitly identifies read_from_str in sax_buf.c as the location of the buffer over-read. The crash backtrace shows execution passing through ox_stpncpy (line 204 of sax_buf.c) during the overflow. ASan output confirms a stack-buffer-overflow in the context of the parse function, which is fed by read_from_str. Multiple sources (the CVE record, the GHSA advisory, and issue #195) consistently reference these functions as the vulnerable components. The root cause is improper bounds checking during XML input processing in these low-level C functions.
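As an added example (not Miggo's or the Ox project's code), a small Ruby check that flags a Gemfile.lock whose resolved ox version falls in the vulnerable range (< 2.8.2) given in the table above; the two lockfile bodies are constructed samples.

```ruby
# Added example: audit a Gemfile.lock for an ox version this advisory covers.
require "rubygems"

# First patched version from the advisory table.
OX_PATCHED = Gem::Version.new("2.8.2")

# Returns the resolved ox version from Gemfile.lock text, or nil if ox is not
# locked. Resolved gems sit at 4 spaces under "specs:"; dependency lines such
# as "ox (~> 2.8)" sit deeper and carry an operator, so they are not matched.
def locked_ox_version(lockfile_text)
  m = lockfile_text.match(/^ {4}ox \(([\w.]+)\)\s*$/)
  m && Gem::Version.new(m[1])
end

# Classifies a Gemfile.lock body as :vulnerable, :patched, or :absent.
def ox_status(lockfile_text)
  v = locked_ox_version(lockfile_text)
  return :absent if v.nil?
  v < OX_PATCHED ? :vulnerable : :patched
end

# Constructed sample lockfiles (not taken from any real project).
VULN_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.8.2)
      ox (2.8.1)
LOCK

SAFE_LOCK = VULN_LOCK.sub("ox (2.8.1)", "ox (2.8.2)")

if __FILE__ == $0
  [VULN_LOCK, SAFE_LOCK].each do |lock|
    puts "ox #{locked_ox_version(lock)}: #{ox_status(lock)}"
  end
end
```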

Vulnerable functions


WAF Protection Rules

WAF Rule

In the Ox gem 2.8.1 for Ruby, the process crashes with a stack-based buffer over-read in the `read_from_str` function in `sax_buf.c` when a crafted input is supplied to `sax_parse`.
