CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly

The equality check of OpenSSL::X509::Name is not correct in the openssl extension library bundled with Ruby. This vulnerability has been assigned the CVE identifier CVE-2018-16395.


An instance of OpenSSL::X509::Name contains entities such as CN, C, and so on. Some two instances of OpenSSL::X509::Name are equal only when all entities are exactly equal. However, there is a bug that the equality check is not correct if the value of an entity of the argument (right-hand side) starts with the value of the receiver (left-hand side). So, if a malicious X.509 certificate is passed to compare with an existing certificate, there is a possibility to be judged incorrectly that they are equal.

It is strongly recommended for Ruby users to upgrade your Ruby installation or take one of the following workarounds as soon as possible.

Affected Versions

  • Ruby 2.3 series: 2.3.7 and earlier
  • Ruby 2.4 series: 2.4.4 and earlier
  • Ruby 2.5 series: 2.5.1 and earlier
  • Ruby 2.6 series: 2.6.0-preview2 and earlier
  • prior to trunk revision r65139


The openssl 2.1.2 gem or later includes a fix for the vulnerability, so upgrade the openssl gem to the latest version if you are using Ruby 2.4 or a later series.

gem install openssl -v ">= 2.1.2"

However, in the Ruby 2.3 series, you can not override the bundled version of openssl with the openssl gem. Please upgrade your Ruby installation to the latest version.


Thanks to Tyler Eckstein for reporting the issue.


  • Originally published at 2018-10-17 14:00:00 (UTC)
  • Mention the fixed revision of trunk at 2018-10-19 00:00:00 (UTC)