Linux Distros Unpatched Vulnerability : CVE-2021-45985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. CVE-2021-45985 Note that Nessus relies on the presence of...

CBL Mariner 2.0 Security Update: lua / ntopng / memcached (CVE-2021-45985)

The version of lua / ntopng / memcached installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-45985 advisory. - In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffe...

CVE-2021-45985 affecting package ntopng for versions less than 5.2.1-2

CVE-2021-45985 affecting package ntopng for versions less than 5.2.1-2. A patched version of the package is available...

Amazon Linux 2023 : lua, lua-devel, lua-libs (ALAS2023-2024-533)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-533 advisory. 2024-05-09: CVE-2022-33099 was added to this advisory. In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. CVE-2021-45985 An issue in the...

Medium: lua

Issue Overview: In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. CVE-2021-45985 An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs. CVE-2022-33099 Affected Packages: lua...

EulerOS 2.0 SP11 : lua (EulerOS-SA-2023-2697)

According to the versions of the lua package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. CVE-2021-45985 Note that Tenable Network...

EulerOS Virtualization 2.11.1 : lua (EulerOS-SA-2023-2732)

According to the versions of the lua package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. CVE-2021-45985 Note that Tenab...

EulerOS 2.0 SP11 : lua (EulerOS-SA-2023-2655)

According to the versions of the lua package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. CVE-2021-45985 Note that Tenable Network...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2023-2763)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2023-2732)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2023-2655)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2023-2697)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-45985 affecting package lua for versions less than 5.4.3-5

CVE-2021-45985 affecting package lua for versions less than 5.4.3-5. A patched version of the package is available...

CVE-2021-45985 affecting package memcached for versions less than 1.6.13-3

CVE-2021-45985 affecting package memcached for versions less than 1.6.13-3. A patched version of the package is available...

CVE-2021-45985 affecting package ntopng for versions less than 5.2.1-2

CVE-2021-45985 affecting package ntopng for versions less than 5.2.1-2. A patched version of the package is available...

OESA-2023-1241 lua security update

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Security Fixes: In Lua 5.4.3, an erroneous finalizer called during a tail call leads to...

OESA-2023-1242 lua security update

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Security Fixes: In Lua 5.4.3, an erroneous finalizer called during a tail call leads to...

Mitre: CVE-2021-45985 Erroneous finalizer call in Lua leads to a heap-based buffer over-read

This CVE was assigned by Mitre. Some Microsoft products consume Lau open-source software. The purpose of this document is to attest to the fact that the products listed in the Security Updates table have been updated to protect against this vulnerability...

CVE-2021-45985

A heap-based buffer overflow issue was found in Lua Interpreter. The vulnerability can be exploited when an erroneous finalizer calls during a tail call with an invalid stack, triggering an out-of-bounds read, leading to a crash or a denial of service...

AZL-26155 CVE-2021-45985 affecting package memcached for versions less than 1.6.13-3

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...