30 matches found
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal as demonstrated by getlocal(32^31).
...
SUSE CVE-2020-15945
Lua 5.4.0 fixed in 5.4.1 has a segmentation fault in changedline in ldebug.c e.g., when called by luaGtraceexec because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function...
SUSE CVE-2020-24369
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference...
Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service.
...
DEBIAN-CVE-2021-44647
Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service...
PT-2022-12190
Name of the Vulnerable Software and Affected Versions Lua versions 5.4.2 through 5.4.4 Description The issue is related to a type confusion in the funcnamefromcode function in ldebug.c, which can cause a local denial of service due to a SEGV. Recommendations For Lua versions 5.4.2 through 5.4.4,...
The vulnerability of the ldebug.c component of the Lua script interpreter, related to a numerical loss of significance, allows an attacker to trigger a service failure.
The vulnerability of the ldebug.c component of the Lua script interpreter is related to a numerical loss of significance. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...
AZL-41149 CVE-2020-24370 affecting package lua for versions less than 5.4.6-1
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal3,2^31...
AZL-6671 CVE-2020-15945 affecting package lua for versions less than 5.4.3-1
Lua 5.4.0 fixed in 5.4.1 has a segmentation fault in changedline in ldebug.c e.g., when called by luaGtraceexec because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function...
PT-2020-6263 · Lua +7 · Lua +7
Name of the Vulnerable Software and Affected Versions: Lua version 5.4.0 Description: The issue is related to an integer overflow in the ldebug.c component of the Lua script interpreter. This can be exploited by a remote attacker to cause a denial of service. The vulnerability is demonstrated by...