User after free in mrb_vm_exec in mruby/mruby
CVE-2022-1071

7.7HIGH

Key Information:

Vendor

Mruby

Status
Mruby/mruby
Vendor
CVE Published:
26 March 2022

What is CVE-2022-1071?

User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

mruby/mruby < 3.2

References

https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0...
x_refsource_CONFIRM
https://github.com/mruby/mruby/commit/aaa28a508903041dd73...
x_refsource_MISC

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.