How could hacker gain remote code execution when the application uses Marshal.load?

Question

Can someone give me an example on how a hacker can achieve remote code execution when the ruby on rails application handles the user input inside Marshal.load() aka serializ