CVE-2025-13120

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions mruby versions prior to 3.4.0

Description A use after free issue exists in the sort cmp() function within the src/array.c file. This flaw requires local access to be exploited.

Recommendations Apply patch eb398971bfb43c38db3e04528b68ac9a7ce509bc to resolve the issue. As a temporary workaround, consider restricting the use of the sort cmp() function.

Exploit

Fix

Buffer Overflow

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-416

Related Identifiers

CVE-2025-13120

Affected Products

Debian

CVE-2025-13120

Weakness Enumeration

Related Identifiers

Affected Products

References · 15