Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-47-1 | lua5.1 security update |
![]() |
DSA-3015-1 | lua5.1 security update |
![]() |
DSA-3016-1 | lua5.2 security update |
![]() |
USN-2338-1 | Lua vulnerability |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 16 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Sun, 13 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T11:48:49.016Z
Reserved: 2014-08-26T00:00:00
Link: CVE-2014-5461

No data.

Status : Deferred
Published: 2014-09-04T17:55:07.763
Modified: 2025-04-12T10:46:40.837
Link: CVE-2014-5461


No data.