OSV-2024-1411 Use-of-uninitialized-value in mark_context

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386128938 Crash type: Use-of-uninitialized-value Crash state: markcontext incrementalgc mrbincrementalgc...

PT-2024-40649 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of "Use-of-uninitialized-value". The crash state involves several functions: mark context, incremental gc, and mrb...

OSV-2024-1175 Use-of-uninitialized-value in mark_context

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=370775021 Crash type: Use-of-uninitialized-value Crash state: markcontext incrementalgc mrbincrementalgc...

mruby Denial of Service Vulnerability

mruby is a lightweight implementation of the Ruby language. A security vulnerability exists in the gc.c file 'markcontextstack' function in mruby 1.2.0 and earlier. An attacker can exploit this vulnerability with the help of a specially crafted .rb file to cause a denial of service heap reuse aft...

UBUNTU-CVE-2017-9527

The markcontextstack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service heap-based use-after-free and application crash or possibly have unspecified other impact via a crafted .rb file...