AZL-65370 CVE-2024-25176 affecting package luajit for versions less than 2.1.0-27

🗓️ 07 Jul 2025 17:15:27Reported by GoogleType

AZL-65370 CVE-2024-25176: LuaJIT before 2.1.0-27 and OpenRusty luajit2 before 2.1-20240626 have stack-buffer-overflow in lj_strfmt_wfnum.

Reporter	Title	Published	Views	Family All 56
Tenable Nessus	Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2025-1357)	8 Jan 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2 : ecs-service-connect-agent, --advisory ALAS2ECS-2025-093 (ALASECS-2025-093)	5 Jan 202600:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: luajit / sysbench (CVE-2024-25176)	25 Jul 202500:00	–	nessus
Tenable Nessus	Debian dla-4283 : libluajit-5.1-2 - security update	25 Aug 202500:00	–	nessus
Tenable Nessus	Fedora 41 : luajit (2025-4430674f97)	18 Jul 202500:00	–	nessus
Tenable Nessus	Fedora 42 : luajit (2025-b1082e9269)	12 Jul 202500:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: luajit / sysbench (CVE-2024-25176)	25 Jul 202500:00	–	nessus
Tenable Nessus	openSUSE 15 Security Update : lua51-luajit (SUSE-SU-2025:02886-1)	20 Aug 202500:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : luajit (SUSE-SU-2025:03378-1)	27 Sep 202500:00	–	nessus
Tenable Nessus	TencentOS Server 4: luajit (TSSA-2025:0597)	21 Aug 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-25176

21 Apr 2026 04:37Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.19.8

EPSS0.00576

SSVC