CNNVD-202602-1062 Information

CNNVD ID

CNNVD-202602-1062

Related CVE

CVE-2026-1979

• CNNVD Published: 2026-02-06

Description (Chinese)

mruby是makesoftwaresafe开源的一款Ruby语言的轻量级实现。 mruby 3.4.0及之前版本存在资源管理错误漏洞，该漏洞源于JMPNOT-to-JMPIF Optimization组件中src/vm.c文件的mrb_vm_exec函数存在缺陷，可能导致释放后重用。

Description (English)

Mruby is a lightweight of the Ruby language that is an open source of makingsoftwaresafe. Mruby 3.4.0 and previous versions had a resource management error loophole, which stemmed from the defects of the mrb vm exec function of the src/vm.c file in the JMPNOT-to-JMPIF Optimization component, which could lead to reuse after release.

Hazard Level

High

Vulnerability Type

资源管理错误

Affected Vendor

makesoftwaresafe

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/mruby/mruby/ https://github.com/mruby/mruby/issues/6701 https://github.com/mruby/mruby/issues/6701#issue-3802609843 https://github.com/sysfce2/mruby/commit/e50f15c1c6e131fa7934355eb02b8173b13df415 https://vuldb.com/?ctiid.344501 https://vuldb.com/?id.344501 https://vuldb.com/?submit.743377