The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact.
References
Link | Resource |
---|---|
https://github.com/mruby/mruby/commit/b64ce17852b180dfeea81cf458660be41a78974d | Patch Third Party Advisory |
https://github.com/mruby/mruby/issues/4027 | Exploit Issue Tracking Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/05/msg00006.html | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-06-05T13:00:00
Updated: 2022-05-06T10:06:27
Reserved: 2018-06-05T00:00:00
Link: CVE-2018-11743
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-06-05T13:29:00.360
Modified: 2022-05-12T20:11:55.160
Link: CVE-2018-11743
JSON object: View
Redhat Information
No data.
CWE