mruby buffer overflow vulnerability (CNVD-2022-11177)

mruby is a lightweight implementation of the Ruby language. buffer overflow exists in versions of Mruby prior to 3.2, and the vulnerability stems from a heap overflow in mrbfsend. An attacker could exploit this vulnerability to execute arbitrary code...

mruby 安全漏洞

mruby is a lightweight implementation of the Ruby language. buffer overflow exists in versions of Mruby prior to 3.2, and the vulnerability stems from a heap overflow in mrbfsend. An attacker could exploit this vulnerability to execute arbitrary code...

Heap-based Buffer Overflow in mruby/mruby

Description Heap Overflow occurs in mrbfsend. commit : 38b164ace7d6ae1c367883a3d67d7f559783faad Proof of Concept $ echo -ne "c2VuZCJzZW5kIiwic2VuZCIsInNlbmQiLCJzZW5kIiwic2VuZCIsInNlbmQiLCJzZW5kIiwic2Vu ZCIsInNlbmQiLCJzZW5kIiwic2VuZCIsInNlbmQiLCJzZW5kIiwic2VuZCIsInNlbmQiCg==" | base64 -d poc ASAN ...

Heap-based Buffer Overflow in mruby/mruby

Description Heap Overflow occurs in mrbfsend. commit : d912b864df3199f2108601a0451532c587a5e830 Proof of Concept $ echo -ne "c2VuZCJzZW5kIiwic2VuZCIsInNlbmQiLCJzZW5kIiwic2VuZCIsInNlbmQiLCJzZW5kIiwic2Vu ZCIsInNlbmQiLCJzZW5kIiwic2VuZCIsInNlbmQiLCJzZW5kIiwic2VuZCIsInNlbmQiLCJzZW5k IgAAAAo=" | base64...