USN-7840-1

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/notices/USN-7840-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7840-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-7840-1
Upstream
Related
Published
2025-10-27T14:39:58.774922Z
Modified
2025-10-28T09:32:31.820752Z
Summary
ruby2.3, ruby2.5, ruby2.7 vulnerabilities
Details

It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of certain characters. An attacker could possibly use this issue to cause REXML to consume excessive resources, leading to a denial of service. Ubuntu 18.04 LTS and Ubuntu 20.04 LTS were previously addressed in USN-7256-1 and USN-7734-1. This update addresses the issue in Ubuntu 16.04 LTS. (CVE-2024-35176)

It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of certain characters. An attacker could possibly use this issue to cause REXML to consume excessive resources, leading to a denial of service. Ubuntu 20.04 LTS was previously addressed in USN-7256-1. This update addresses the issue in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-39908, CVE-2024-41123)

It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with many entity expansions. An attacker could possibly use this issue to cause REXML to consume excessive resources, leading to a denial of service. Ubuntu 20.04 LTS was previously addressed in USN-7091-2. This update addresses the issue in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-41946)

It was discovered that the WEBrick module bundled into Ruby incorrectly handled having both a Content-Length header and a Transfer-Encoding header. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. (CVE-2024-47220)

It was discovered that the WEBrick module bundled into Ruby incorrectly parsed HTTP headers. In configurations where the WEBrick module is placed behind an HTTP proxy, a remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. (CVE-2025-6442)

References

Affected packages

Ubuntu:Pro:16.04:LTS / ruby2.3

Package

Name
ruby2.3
Purl
pkg:deb/ubuntu/ruby2.3@2.3.1-2~ubuntu16.04.16+esm11?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.3.1-2~ubuntu16.04.16+esm11

Affected versions

2.*

2.3.0-1
2.3.0-2
2.3.0-4ubuntu2
2.3.0-4ubuntu3
2.3.0-5ubuntu1
2.3.1-2~16.04
2.3.1-2~16.04.2
2.3.1-2~16.04.4
2.3.1-2~16.04.5
2.3.1-2~16.04.6
2.3.1-2~16.04.7
2.3.1-2~16.04.9
2.3.1-2~16.04.10
2.3.1-2~16.04.11
2.3.1-2~16.04.12
2.3.1-2~ubuntu16.04.13
2.3.1-2~ubuntu16.04.14
2.3.1-2~ubuntu16.04.15
2.3.1-2~ubuntu16.04.16
2.3.1-2~ubuntu16.04.16+esm1
2.3.1-2~ubuntu16.04.16+esm2
2.3.1-2~ubuntu16.04.16+esm3
2.3.1-2~ubuntu16.04.16+esm4
2.3.1-2~ubuntu16.04.16+esm5
2.3.1-2~ubuntu16.04.16+esm6
2.3.1-2~ubuntu16.04.16+esm7
2.3.1-2~ubuntu16.04.16+esm8
2.3.1-2~ubuntu16.04.16+esm9
2.3.1-2~ubuntu16.04.16+esm10

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "2.3.1-2~ubuntu16.04.16+esm11",
            "binary_name": "libruby2.3"
        },
        {
            "binary_version": "2.3.1-2~ubuntu16.04.16+esm11",
            "binary_name": "ruby2.3"
        },
        {
            "binary_version": "2.3.1-2~ubuntu16.04.16+esm11",
            "binary_name": "ruby2.3-dev"
        },
        {
            "binary_version": "2.3.1-2~ubuntu16.04.16+esm11",
            "binary_name": "ruby2.3-tcltk"
        }
    ]
}

Database specific

cves_map

{
    "cves": [
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-35176"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-39908"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                    "type": "CVSS_V3"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-41123"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                    "type": "CVSS_V3"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-41946"
        },
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-47220"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-6442"
        }
    ],
    "ecosystem": "Ubuntu:Pro:16.04:LTS"
}

Ubuntu:Pro:18.04:LTS / ruby2.5

Package

Name
ruby2.5
Purl
pkg:deb/ubuntu/ruby2.5@2.5.1-1ubuntu1.16+esm6?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5.1-1ubuntu1.16+esm6

Affected versions

2.*

2.5.0~preview1-1ubuntu2
2.5.0-4ubuntu1
2.5.0-4ubuntu4
2.5.0-5ubuntu1
2.5.0-6ubuntu1
2.5.1-1ubuntu1
2.5.1-1ubuntu1.1
2.5.1-1ubuntu1.2
2.5.1-1ubuntu1.4
2.5.1-1ubuntu1.5
2.5.1-1ubuntu1.6
2.5.1-1ubuntu1.7
2.5.1-1ubuntu1.8
2.5.1-1ubuntu1.9
2.5.1-1ubuntu1.10
2.5.1-1ubuntu1.11
2.5.1-1ubuntu1.12
2.5.1-1ubuntu1.13
2.5.1-1ubuntu1.14
2.5.1-1ubuntu1.15
2.5.1-1ubuntu1.16
2.5.1-1ubuntu1.16+esm1
2.5.1-1ubuntu1.16+esm3
2.5.1-1ubuntu1.16+esm4
2.5.1-1ubuntu1.16+esm5

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "2.5.1-1ubuntu1.16+esm6",
            "binary_name": "libruby2.5"
        },
        {
            "binary_version": "2.5.1-1ubuntu1.16+esm6",
            "binary_name": "ruby2.5"
        },
        {
            "binary_version": "2.5.1-1ubuntu1.16+esm6",
            "binary_name": "ruby2.5-dev"
        }
    ]
}

Database specific

cves_map

{
    "cves": [
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-39908"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                    "type": "CVSS_V3"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-41123"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                    "type": "CVSS_V3"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-41946"
        },
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-47220"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-6442"
        }
    ],
    "ecosystem": "Ubuntu:Pro:18.04:LTS"
}

Ubuntu:Pro:20.04:LTS / ruby2.7

Package

Name
ruby2.7
Purl
pkg:deb/ubuntu/ruby2.7@2.7.0-5ubuntu1.18+esm3?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.0-5ubuntu1.18+esm3

Affected versions

2.*

2.7.0-1
2.7.0-2
2.7.0-3
2.7.0-4
2.7.0-4ubuntu1
2.7.0-5ubuntu1
2.7.0-5ubuntu1.1
2.7.0-5ubuntu1.2
2.7.0-5ubuntu1.3
2.7.0-5ubuntu1.4
2.7.0-5ubuntu1.5
2.7.0-5ubuntu1.6
2.7.0-5ubuntu1.7
2.7.0-5ubuntu1.8
2.7.0-5ubuntu1.9
2.7.0-5ubuntu1.10
2.7.0-5ubuntu1.11
2.7.0-5ubuntu1.12
2.7.0-5ubuntu1.13
2.7.0-5ubuntu1.14
2.7.0-5ubuntu1.15
2.7.0-5ubuntu1.16
2.7.0-5ubuntu1.17
2.7.0-5ubuntu1.18
2.7.0-5ubuntu1.18+esm1

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "2.7.0-5ubuntu1.18+esm3",
            "binary_name": "libruby2.7"
        },
        {
            "binary_version": "2.7.0-5ubuntu1.18+esm3",
            "binary_name": "ruby2.7"
        },
        {
            "binary_version": "2.7.0-5ubuntu1.18+esm3",
            "binary_name": "ruby2.7-dev"
        }
    ]
}

Database specific

cves_map

{
    "cves": [
        {
            "severity": [
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2024-47220"
        },
        {
            "severity": [
                {
                    "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ],
            "id": "CVE-2025-6442"
        }
    ],
    "ecosystem": "Ubuntu:Pro:20.04:LTS"
}