Skip to content

Rack has possible DoS Vulnerability with Range Header

Low severity GitHub Reviewed Published Feb 28, 2024 in rack/rack • Updated Feb 29, 2024

Package

bundler rack (RubyGems)

Affected versions

>= 3.0.0, < 3.0.9.1
>= 1.3.0, < 2.2.8.1

Patched versions

3.0.9.1
2.2.8.1

Description

Possible DoS Vulnerability with Range Header in Rack

There is a possible DoS vulnerability relating to the Range request header in
Rack. This vulnerability has been assigned the CVE identifier CVE-2024-26141.

Versions Affected: >= 1.3.0.
Not affected: < 1.3.0
Fixed Versions: 3.0.9.1, 2.2.8.1

Impact

Carefully crafted Range headers can cause a server to respond with an
unexpectedly large response. Responding with such large responses could lead
to a denial of service issue.

Vulnerable applications will use the Rack::File middleware or the
Rack::Utils.byte_ranges methods (this includes Rails applications).

Releases

The fixed releases are available at the normal locations.

Workarounds

There are no feasible workarounds for this issue.

Patches

To aid users who aren't able to upgrade immediately we have provided patches for
the two supported release series. They are in git-am format and consist of a
single changeset.

  • 3-0-range.patch - Patch for 3.0 series
  • 2-2-range.patch - Patch for 2.2 series

Credits

Thank you ooooooo_q for the report and
patch

References

@tenderlove tenderlove published to rack/rack Feb 28, 2024
Published to the GitHub Advisory Database Feb 28, 2024
Reviewed Feb 28, 2024
Published by the National Vulnerability Database Feb 29, 2024
Last updated Feb 29, 2024

Severity

Low

EPSS score

0.044%
(11th percentile)

Weaknesses

CVE ID

CVE-2024-26141

GHSA ID

GHSA-xj5v-6v4g-jfw6

Source code

Credits

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.