Vulnerabilities > CVE-2020-15945 - Unspecified vulnerability in LUA

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

lua

NVD

Published: 2020-07-24

Updated: 2023-04-20

Summary

Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function.

Vulnerable Configurations

Part	Description	Count
Application	Lua LUA LUA 5.3.1 LUA LUA 5.3.2 LUA LUA 5.3.3 LUA LUA 5.3.4 LUA LUA 5.3.5 LUA LUA 5.3.6	6

References

https://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3
http://lua-users.org/lists/lua-l/2020-07/msg00123.html