Описание
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
A flaw was found in Lua in versions through 5.4.0. The interactions between stack resizes and garbage collections are mishandled leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free. The highest threat from this vulnerability is to data confidentiality and integrity as well as data confidentiality.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | lua | Not affected | ||
| Red Hat Enterprise Linux 7 | lua | Not affected | ||
| Red Hat Enterprise Linux 8 | lua | Not affected | ||
| Red Hat Enterprise Linux 9 | lua | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection leading to a heap-based buffer overflow heap-based buffer over-read or use-after-free.
Lua through 5.4.0 mishandles the interaction between stack resizes and ...
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
EPSS
8.8 High
CVSS3