Note:
This project will be discontinued after December 13, 2021. [more]
2020-07-21
mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function.
| Products | Debian_linux, Mruby |
| Type | Out-of-bounds Write (CWE-787) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://lists.debian.org/debian-lts-announce/2022/05/msg00006.html
• https://github.com/mruby/mruby/issues/5042 |