{
  "threat_severity" : "Moderate",
  "public_date" : "2024-06-24T00:00:00Z",
  "bugzilla" : {
    "description" : "ruby: openssl: Ruby Marvin Attack",
    "id" : "2336100",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2336100"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
    "status" : "draft"
  },
  "cwe" : "CWE-385",
  "details" : [ "A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service.", "A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service." ],
  "statement" : "More information about the Marvin Attack may be found at https://www.redhat.com/en/blog/marvin-attack.",
  "acknowledgement" : "This issue was discovered by Alicja Kario (Red Hat).",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "ruby:2.5/ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "ruby:3.1/ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "ruby:3.3/ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "ruby:3.1/ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "ruby:3.3/ruby",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Storage 3",
    "fix_state" : "Out of support scope",
    "package_name" : "ruby",
    "cpe" : "cpe:/a:redhat:storage:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-0306\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-0306" ],
  "name" : "CVE-2025-0306",
  "mitigation" : {
    "value" : "See the following possible mitigations for this flaw:\n* Do not use the methods with PKCS#1v1.5 padding in network contexts. Make sure that any calls that happen, will perform OAEP decryption only. Do not support PKCS#1v1.5 encryption padding at all.\n* Use Ruby with a version of OpenSSL that has the implicit rejection mechanism implemented.(https://github.com/openssl/openssl/pull/13817, https://github.com/openssl/openssl/commit/7fc67e0a33102aa47bbaa56533eeecb98c0450f7 included in 3.2.0, backported to RHEL-8)",
    "lang" : "en:us"
  },
  "csaw" : false
}