Description
Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.
Packages
Package | Status | Fixed version | Release | Type |
---|---|---|---|---|
lua5.3 | fixed | 5.3.6-1 | | package |
lua5.3 | fixed | 5.3.3-1.1+deb11u1 | bullseye | package |
lua5.2 | not-affected | | | package |
lua5.1 | not-affected | | | package |
lua50 | not-affected | | | package |
Notes
http://lua-users.org/lists/lua-l/2019-01/msg00039.html
lua50 and lua5.1 don't have the affected code.
lua5.2 is not vulnerable as it doesn't free the value before using it.
https://github.com/lua/lua/commit/89aee84cbc9224f638f3b7951b306d2ee8ecb71e (v5.3.6)