- ------------------------------------------------------------------------- Debian LTS Advisory DLA-2996-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA May 06, 2022 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : mruby Version : 1.2.0+20161228+git30d5424a-1+deb9u1 CVE ID : CVE-2017-9527 CVE-2018-10191 CVE-2018-11743 CVE-2018-12249 CVE-2018-14337 CVE-2020-15866 Multiple security issues were discovered in mruby, a lightweight implementation of the Ruby language CVE-2017-9527 heap-based use-after-free vulnerability allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rb file CVE-2018-10191 an integer overflow exists when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code CVE-2018-11743 uninitialized pointer which allows attackers to cause a denial of service or possibly have unspecified other impact. CVE-2018-12249 There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c. CVE-2018-14337 a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length CVE-2020-15866 a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling For Debian 9 stretch, these problems have been fixed in version 1.2.0+20161228+git30d5424a-1+deb9u1. We recommend that you upgrade your mruby packages. For the detailed security status of mruby please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mruby Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Debian LTS: DLA-2996-1: mruby security update
May 6, 2022
Summary
CVE-2017-9527
heap-based use-after-free vulnerability allows attackers to cause
a denial of service or possibly have unspecified other impact via
a crafted .rb file
CVE-2018-10191
an integer overflow exists when handling OP_GETUPVAR in the
presence of deep scope nesting, resulting in a use-after-free. An
attacker that can cause Ruby code to be run can use this to
possibly execute arbitrary code
CVE-2018-11743
uninitialized pointer which allows attackers to cause a denial of
service or possibly have unspecified other impact.
CVE-2018-12249
There is a NULL pointer dereference in mrb_class_real because
"class BasicObject" is not properly supported in class.c.
CVE-2018-14337
a signed integer overflow, possibly leading to out-of-bounds
memory access because the mrb_str_resize function in string.c does
not check for a negative length
CVE-2020-15866
a heap-based buffer overflow in the mrb_yield_with_class function
in vm.c because of incorrect VM stack handling
For Debian 9 stretch, these problems have been fixed in version
1.2.0+20161228+git30d5424a-1+deb9u1.
We recommend that you upgrade your mruby packages.
For the detailed security status of mruby please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mruby
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Severity
Package : mruby
Version : 1.2.0+20161228+git30d5424a-1+deb9u1
CVE ID : CVE-2017-9527 CVE-2018-10191 CVE-2018-11743 CVE-2018-12249
News
HOWTOs
About Us
Powered By
Get Customized Security Advisories that Impact You Directly Create My Customized Advisories Now >>
To stay up-to-date on the latest open-source security news, feature articles and Linux distribution security advisories Subscribe to Our Newsletters!