CVE-2018-16395
Description
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The Ruby OpenSSL extension's X509::Name equality check can return true for non-matching names, enabling certificate spoofing.
Vulnerability
A flaw exists in the OpenSSL::X509::Name equality comparison (==) in Ruby's OpenSSL library, affecting versions before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3 [1][2][3][4]. When two OpenSSL::X509::Name objects are compared with ==, the implementation may incorrectly return true for non-equal objects under specific conditions: either when the first argument (the object whose == method is called) is one character longer than the second, or when the second argument contains a character that is one less than a character in the same position of the first argument [1][2][3][4].
Exploitation
An attacker must craft an X.509 certificate whose distinguished name (DN) is deliberately constructed to exploit the comparison flaw. The attacker does not require any special network position or authentication beyond the ability to present the crafted certificate to a system that uses OpenSSL::X509::Name == for certificate validation. By controlling the length or character values in the DN, the attacker can cause the comparison to incorrectly return true when the crafted certificate is compared against a legitimate, expected name [1][2][3][4].
Impact
Successful exploitation can lead to acceptance of an illegitimate certificate as if it were the legitimate one. This certificate could then be used in signing or encryption operations, effectively allowing the attacker to impersonate a trusted entity. The core compromise is to the integrity and authenticity of certificate-based trust, with potential consequences including man-in-the-middle attacks, unauthorized data access, and spoofing of services [1][2][3][4].
Mitigation
Red Hat released fixed versions via RHSA-2018:3738 (Ruby 2.0.0.648-34.el7_6), RHSA-2018:3731 (rh-ruby25-ruby-2.5.3-6.el7), RHSA-2018:3730, and RHSA-2018:3729 [1][2][3][4]. Users should update Ruby to the patched versions: 2.3.8, 2.4.5, 2.5.2, or 2.6.0-preview3 or later. No workaround is available for unpatched versions; upgrading is the only mitigation.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
opensslRubyGems | < 2.0.9 | 2.0.9 |
opensslRubyGems | >= 2.1.0, < 2.1.2 | 2.1.2 |
Affected products
29- ghsa-coords29 versionspkg:gem/opensslpkg:rpm/opensuse/ruby2.5&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/ruby2.5&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/ruby-bundled-gems-rpmhelper&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/ruby-bundled-gems-rpmhelper&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/ruby2.1&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ruby2.1&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/ruby2.1&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/ruby2.1&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/ruby2.1&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ruby2.1&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/ruby2.5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/ruby2.5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/ruby&distro=SUSE%20WebYast%201.3pkg:rpm/suse/yast2-ruby-bindings&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/yast2-ruby-bindings&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/yast2-ruby-bindings&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/yast2-ruby-bindings&distro=SUSE%20OpenStack%20Cloud%207
< 2.0.9+ 28 more
- (no CPE)range: < 2.0.9
- (no CPE)range: < 2.5.5-lp151.4.3.1
- (no CPE)range: < 2.5.5-lp151.4.3.1
- (no CPE)range: < 0.0.2-lp151.2.1
- (no CPE)range: < 0.0.2-lp151.2.1
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.1.9-19.3.2
- (no CPE)range: < 2.5.5-4.3.1
- (no CPE)range: < 2.5.5-4.3.1
- (no CPE)range: < 1.8.7.p357-0.9.20.3.1
- (no CPE)range: < 3.1.53-9.8.1
- (no CPE)range: < 3.1.53-9.8.1
- (no CPE)range: < 3.1.53-9.8.1
- (no CPE)range: < 3.1.53-9.8.1
Patches
1f653cfa43f0fx509name: fix OpenSSL::X509::Name#{cmp,<=>}
2 files changed · +11 −5
ext/openssl/ossl_x509name.c+1 −1 modified@@ -358,7 +358,7 @@ ossl_x509name_cmp(VALUE self, VALUE other) result = ossl_x509name_cmp0(self, other); if (result < 0) return INT2FIX(-1); - if (result > 1) return INT2FIX(1); + if (result > 0) return INT2FIX(1); return INT2FIX(0); }
test/test_x509name.rb+10 −4 modified@@ -330,10 +330,16 @@ def test_equals2 end def test_spaceship - n1 = OpenSSL::X509::Name.parse 'CN=a' - n2 = OpenSSL::X509::Name.parse 'CN=b' - - assert_equal(-1, n1 <=> n2) + n1 = OpenSSL::X509::Name.new([["CN", "a"]]) + n2 = OpenSSL::X509::Name.new([["CN", "a"]]) + n3 = OpenSSL::X509::Name.new([["CN", "ab"]]) + + assert_equal 0, n1 <=> n2 + assert_equal -1, n1 <=> n3 + assert_equal 0, n2 <=> n1 + assert_equal -1, n2 <=> n3 + assert_equal 1, n3 <=> n1 + assert_equal 1, n3 <=> n2 end def name_hash(name)
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
31- lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.htmlghsavendor-advisoryx_refsource_SUSEWEB
- access.redhat.com/errata/RHSA-2018:3729ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2018:3730ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2018:3731ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2018:3738ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2019:1948ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2019:2565ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-mmrq-6999-72v8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-16395ghsaADVISORY
- usn.ubuntu.com/3808-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2018/dsa-4332ghsavendor-advisoryx_refsource_DEBIANWEB
- www.securitytracker.com/id/1042105mitrevdb-entryx_refsource_SECTRACK
- github.com/ruby/openssl/commit/f653cfa43f0f20e8c440122ea982382b6228e7f5ghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/openssl/CVE-2018-16395.ymlghsaWEB
- hackerone.com/reports/387250ghsax_refsource_MISCWEB
- lists.debian.org/debian-lts-announce/2018/10/msg00020.htmlghsamailing-listx_refsource_MLISTWEB
- security.netapp.com/advisory/ntap-20190221-0002ghsaWEB
- security.netapp.com/advisory/ntap-20190221-0002/mitrex_refsource_CONFIRM
- usn.ubuntu.com/3808-1ghsaWEB
- web.archive.org/web/20211206015239/https://securitytracker.com/id/1042105ghsaWEB
- www.oracle.com/security-alerts/cpujan2020.htmlghsax_refsource_MISCWEB
- www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395ghsaWEB
- www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/mitrex_refsource_CONFIRM
- www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-releasedghsaWEB
- www.ruby-lang.org/en/news/2018/10/17/ruby-2-3-8-released/mitrex_refsource_CONFIRM
- www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-releasedghsaWEB
- www.ruby-lang.org/en/news/2018/10/17/ruby-2-4-5-released/mitrex_refsource_CONFIRM
- www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-releasedghsaWEB
- www.ruby-lang.org/en/news/2018/10/17/ruby-2-5-2-released/mitrex_refsource_CONFIRM
- www.ruby-lang.org/en/news/2018/11/06/ruby-2-6-0-preview3-releasedghsaWEB
- www.ruby-lang.org/en/news/2018/11/06/ruby-2-6-0-preview3-released/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.