Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.1.5-5ubuntu0.1", "binary_name": "liblua5.1-0" }, { "binary_version": "5.1.5-5ubuntu0.1", "binary_name": "liblua5.1-0-dbg" }, { "binary_version": "5.1.5-5ubuntu0.1", "binary_name": "liblua5.1-0-dev" }, { "binary_version": "5.1.5-5ubuntu0.1", "binary_name": "lua5.1" }, { "binary_version": "5.1.5-5ubuntu0.1", "binary_name": "lua5.1-doc" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.2.3-1", "binary_name": "liblua5.2-0" }, { "binary_version": "5.2.3-1", "binary_name": "liblua5.2-0-dbg" }, { "binary_version": "5.2.3-1", "binary_name": "liblua5.2-dev" }, { "binary_version": "5.2.3-1", "binary_name": "lua5.2" }, { "binary_version": "5.2.3-1", "binary_name": "lua5.2-doc" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.0.3-7", "binary_name": "liblua50" }, { "binary_version": "5.0.3-7", "binary_name": "liblua50-dev" }, { "binary_version": "5.0.3-7", "binary_name": "liblualib50" }, { "binary_version": "5.0.3-7", "binary_name": "liblualib50-dev" }, { "binary_version": "5.0.3-7", "binary_name": "lua50" }, { "binary_version": "5.0.3-7", "binary_name": "lua50-doc" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.0.3-7", "binary_name": "liblua50" }, { "binary_version": "5.0.3-7", "binary_name": "liblua50-dbgsym" }, { "binary_version": "5.0.3-7", "binary_name": "liblua50-dev" }, { "binary_version": "5.0.3-7", "binary_name": "liblualib50" }, { "binary_version": "5.0.3-7", "binary_name": "liblualib50-dbgsym" }, { "binary_version": "5.0.3-7", "binary_name": "liblualib50-dev" }, { "binary_version": "5.0.3-7", "binary_name": "lua50" }, { "binary_version": "5.0.3-7", "binary_name": "lua50-dbgsym" }, { "binary_version": "5.0.3-7", "binary_name": "lua50-doc" } ] }