Security Bulletin: Local Out-of-Bounds Write Vulnerability in mruby ary_fill_exec Function (v3.4.0), affects watsonx.data

Summary A local vulnerability in mruby v3.4.0 allows out-of-bounds writes via the aryfillexec function when manipulating the start or length arguments. Exploits are publicly available, and applying the patch 93619f06dd378db6766666b30c08978311c7ec94 is recommended. This can affect watsonx.data...

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

UBUNTU-CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

mruby 缓冲区错误漏洞

mruby is a lightweight implementation of the Ruby language open-sourced by makesoftwaresafe. A buffer error vulnerability exists in mruby version 3.4.0, which stems from incorrect manipulation of the start/length parameters of the function aryfillexec in the file...