PT-2020-6263 · Lua +7 · Lua +7

Name of the Vulnerable Software and Affected Versions: Lua version 5.4.0 Description: The issue is related to an integer overflow in the ldebug.c component of the Lua script interpreter. This can be exploited by a remote attacker to cause a denial of service. The vulnerability is demonstrated by...

Lua Heap Buffer Overflow Vulnerability

Lua is a lightweight, extensible open source scripting language from the Lua team. A buffer overflow vulnerability exists in Lua 5.4.0 and earlier versions, which stems from the program failing to properly check boundaries. A remote attacker can exploit the vulnerability with specially crafted...

CVE-2020-15888

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free...

DEBIAN-CVE-2020-15888

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free...

CVE-2020-15888

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free...

CVE-2020-15889

Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members...

DEBIAN-CVE-2020-15890

LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...

AZL-6670 CVE-2020-15888 affecting package lua for versions less than 5.3.5-11

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free...

CVE-2020-15889

Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members...

DEBIAN-CVE-2020-15889

Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members...

Heap overflow

Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members...

Heap overflow

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free...

CVE-2020-15889

Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members...

CVE-2020-15888

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free...

UBUNTU-CVE-2020-15890

LuaJit through 2.1.0-beta3 has an out-of-bounds read because gc handler frame traversal is mishandled...

CVE-2020-15888

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free...

CVE-2020-15888

CVE-2020-15888 affects Lua up to 5.4.0, where a flaw in the interaction between stack resizes and garbage collection causes heap-based overflow, heap-based over-read, or use-after-free. Public documents confirm the issue exists across Lua versions prior to patched releases and provide patch guida...

CVE-2020-15888

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free...

CVE-2020-15889

Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members...

CVE-2020-15889

CVE-2020-15889 concerns Lua 5.4.0 with a getobjname heap-based buffer over-read caused by lgc.c markold handling insufficient list members. Affects Lua 5.4.0; upstream fix is to upgrade to 5.4.1 (per Arch Linux ASA-202010-5 and related advisories). Impact is described as remote code execution in ...