mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function.
References
Link | Resource |
---|---|
https://github.com/mruby/mruby/issues/5042 | Exploit Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/05/msg00006.html | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-07-21T14:54:09
Updated: 2022-05-06T10:06:43
Reserved: 2020-07-21T00:00:00
Link: CVE-2020-15866
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-21T15:15:14.537
Modified: 2022-05-12T20:14:37.457
Link: CVE-2020-15866
JSON object: View
Redhat Information
No data.
CWE