Ruby
cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*
A vulnerability exists in the Ruby interpreter that allows the Marvin Attack, a timing side channel in RSA decryption. An attacker who can exchange a large volume of messages with the affected service can use it to decrypt previously captured ciphertexts or to forge signatures. The vulnerability is present in all Ruby versions.
Exploitation of this vulnerability could result in the unauthorized decryption of messages or the forgery of digital signatures.
The vulnerability can be reproduced by sending a large number of messages to a vulnerable Ruby service while measuring the response time and the error behaviour of its RSA decryption methods. This works over the network whenever the service passes attacker-controlled messages to those decryption methods.
Users can upgrade to a Ruby version that ships with an OpenSSL implementing the implicit rejection mechanism, such as Ruby 3.2.0 or later. The mechanism has also been backported to RHEL-8 and RHEL-9.2.
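As an added illustration (not code from this advisory or from the Ruby project): the weak PKCS#1 v1.5 decryption path next to an RSA-OAEP replacement, plus a probe that reports whether the linked OpenSSL answers invalid v1.5 padding with an explicit error or, when implicit rejection is present, with a synthetic message. The key is a throwaway generated in-process; the probe result depends on the OpenSSL your Ruby is linked against.

```ruby
require "openssl"

# Constructed throwaway key for the demonstration; a service loads its own.
KEY = OpenSSL::PKey::RSA.new(2048)

# Weak pattern: RSA with PKCS#1 v1.5 padding. Whether the depadding step
# fails is decided per ciphertext, and in affected builds the time taken
# and the error raised make that decision observable to the sender.
def decrypt_pkcs1_v15(ciphertext)
  KEY.private_decrypt(ciphertext, OpenSSL::PKey::RSA::PKCS1_PADDING)
end

# Hardened pattern for new code: RSA-OAEP, which lacks the v1.5 padding
# structure that the Marvin / Bleichenbacher family of attacks relies on.
def encrypt_oaep(plaintext)
  KEY.public_encrypt(plaintext, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
end

def decrypt_oaep(ciphertext)
  KEY.private_decrypt(ciphertext, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
end

# Probe for the mitigation the advisory names. We build a ciphertext whose
# padded block is deterministically invalid under v1.5 (second byte is
# 0x00, not 0x02) by encrypting a raw block with no padding. An OpenSSL
# with implicit rejection returns a synthetic message for it (:message);
# an older build raises (:error), the explicit oracle a deployment should
# not expose.
def pkcs1_v15_failure_mode
  block = "\x00\x00".b + ("A" * (KEY.n.num_bytes - 2)).b
  invalid_for_v15 = KEY.public_encrypt(block, OpenSSL::PKey::RSA::NO_PADDING)
  decrypt_pkcs1_v15(invalid_for_v15)
  :message
rescue OpenSSL::PKey::RSAError
  :error
end

if __FILE__ == $PROGRAM_NAME
  puts "OAEP round trip: #{decrypt_oaep(encrypt_oaep('hello')).inspect}"
  puts "PKCS#1 v1.5 invalid-padding handling: #{pkcs1_v15_failure_mode}"
end
```

A result of :error means the v1.5 decryption path in that build still distinguishes bad padding to the caller; :message means implicit rejection is active, although moving callers to OAEP remains the durable fix.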