mruby 资源管理错误漏洞

mruby is a lightweight implementation of the Ruby language open-sourced by makesoftwaresafe. A resource management error vulnerability exists in mruby 3.4.0 and earlier versions, which stems from a post-release reuse issue with the sortcmp function in the file src/array.c. The vulnerability is...

PT-2025-46841

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort cmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...

Linux Distros Unpatched Vulnerability : CVE-2025-13120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sortcmp of the file src/array.c. Such manipulation leads to use aft...

Use-after-realloc vulnerablity in mruby 3.4.0

A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sortcmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...

mruby array.c ary_fill_exec out-of-bounds write

...

SUSE CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

Linux Distros Unpatched Vulnerability : CVE-2025-12875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a...

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

DEBIAN-CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been ma...

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

UBUNTU-CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

CVE-2025-12875 mruby array.c ary_fill_exec out-of-bounds write

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

CVE-2025-12875 mruby array.c ary_fill_exec out-of-bounds write

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

CVE-2025-12875

CVE-2025-12875 affects mruby 3.4.0, specifically the ary_fill_exec path in mrbgems/mruby-array-ext/src/array.c. The root cause is a manipulation of argument start/length that can trigger an out-of-bounds write, with a local attack vector and public exploits available. A patch is recorded as commi...

EUVD-2025-38294

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been ma...

PT-2025-45500

Name of the Vulnerable Software and Affected Versions mruby version 3.4.0 Description A flaw exists in mruby version 3.4.0 within the ary fill exec function located in the file mrbgems/mruby-array-ext/src/array.c. Manipulation of the start and length arguments can result in an out-of-bounds write...

mruby 缓冲区错误漏洞

mruby is a lightweight implementation of the Ruby language open-sourced by makesoftwaresafe. A buffer error vulnerability exists in mruby version 3.4.0, which stems from incorrect manipulation of the start/length parameters of the function aryfillexec in the file...

Out-of-bounds write vulnerability

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been ma...