DRb denial of service vulnerability
Ruby
Reported by
u75615
Vulnerability Details
Technical details and impact analysis
It is possible to crash the DRb server by providing malformed input.
Following the DRb example (https://ruby-doc.org/stdlib-2.7.0/libdoc/drb/rdoc/DRb.html#module-DRb-label-Server+code), simple server and client code was created (attached):
* `drb_server.rb`
* `drb_client.rb` (client code was modified to perform basic fuzzing of TCP payload)
Running both scripts results in `drb_server.rb` crashing and producing a core dump:
```
-- Ruby level backtrace information ----------------------------------------
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:1730:in `block in main_loop'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:1730:in `loop'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:1734:in `block (2 levels) in main_loop'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:1641:in `perform'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:1677:in `setup_message'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:1665:in `init_with_client'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:931:in `recv_request'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:620:in `recv_request'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:1856:in `to_obj'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:1537:in `to_obj'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:366:in `to_obj'
/home/user/.rbenv/versions/2.7.1/lib/ruby/2.7.0/drb/drb.rb:366:in `_id2ref'
```
The crash occurs at https://github.com/ruby/ruby/blob/master/lib/drb/drb.rb#L366
`./lib/drb/drb.rb#L366 ObjectSpace._id2ref(ref)`
## Impact
DoS of the DRb server is possible by injection of malicious input.
Report Details
Additional information and metadata
State
Closed
Substate
Informative
Weakness
Uncontrolled Resource Consumption
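
The backtrace in the report ends in `ObjectSpace._id2ref(ref)`, reached from the default id converter's `to_obj`. The following is an added example, not part of the report or of DRb itself: a replacement id converter that resolves only references the server has issued, so a reference taken from the wire is never passed to `ObjectSpace._id2ref`. The class name `RegistryIdConv`, the token format and the `revoke` helper are assumptions of this example; an instance would be supplied through DRb's `:idconv` server option.

```ruby
require 'securerandom'

# Hypothetical converter: implements to_id / to_obj, the two methods DRb
# calls on its :idconv object, without using ObjectSpace._id2ref.
class RegistryIdConv
  TOKEN = /\A\h{32}\z/ # 128-bit random token, hex encoded

  def initialize
    @lock = Mutex.new
    @by_token = {}                       # token => exported object (strong ref)
    @by_object = {}.compare_by_identity  # exported object => token
  end

  # Called when the server hands a reference to a peer.
  def to_id(obj)
    return nil if nil.equal?(obj)
    @lock.synchronize do
      @by_object[obj] ||= SecureRandom.hex(16).tap { |t| @by_token[t] = obj }
    end
  end

  # Called with the reference read from an incoming request.
  def to_obj(ref)
    raise RangeError, 'invalid reference' unless ref.is_a?(String) && TOKEN.match?(ref)
    @lock.synchronize { @by_token.fetch(ref) { raise RangeError, 'unknown reference' } }
  end

  # Drop an export so the object can be garbage collected.
  def revoke(obj)
    @lock.synchronize { @by_token.delete(@by_object.delete(obj)) }
  end
end

# Constructed inputs standing in for references decoded from a request.
def demo
  conv = RegistryIdConv.new
  exported = Object.new
  token = conv.to_id(exported)
  bad = [12345, -1, 2**64, 'zz', token.upcase + '0', [token], nil]
  rejected = bad.count do |ref|
    conv.to_obj(ref)
    false
  rescue RangeError
    true
  end
  { round_trip: conv.to_obj(token).equal?(exported), rejected: rejected, total: bad.size }
end

p demo if $PROGRAM_NAME == __FILE__
```

Because the table holds strong references, exported objects stay alive until `revoke` is called for them.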