CVE-2020-15888 — Out-of-bounds Read in Lua5.4

CWE-125 — Out-of-bounds Read CWE-416 — Use After Free CWE-787 — Out-of-bounds Write CWE-122 — Heap-based Buffer Overflow9 documents8 sources

Severity

8.8HIGHNVD

EPSS

1.2%

top 20.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Lua5.4 LUA Msrc Azl3 Ceph 18.2.2-8 ON Azure Linux 3.0 +2 more

Timeline

PublishedJul 21

Latest updateJun 30

Description

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages5 packages

▶debiandebian/lua5.4< lua5.4 5.4.1-1 (bookworm)

▶NVDlua/lua5.4.0

▶msrcmsrc/cm1_lua_5.3.5-8_on_cbl_mariner_1.0

▶msrcmsrc/cbl2_lua_5.3.5-11_on_cbl_mariner_2.0

▶msrcmsrc/azl3_ceph_18.2.2-8_on_azure_linux_3.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-4f5v-4r5w-g4x3: Lua through 5↗2022-05-24

▶

OSV

CVE-2020-15888: Lua through 5↗2020-07-21

▶

📋Vendor Advisories

Microsoft

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection leading to a heap-based buffer overflow heap-based buffer over-read or use-after-free.↗2020-07-14

▶

Red Hat

lua: stack resizes and garbage collection leads to heap-based buffer overflow↗2020-07-06

▶

Debian

CVE-2020-15888: lua5.4 - Lua through 5.4.0 mishandles the interaction between stack resizes and garbage c...↗2020

▶

📄Research Papers

arXiv

Threat Assessment in Machine Learning based Systems↗2022-06-30

▶

💬Community

Bugzilla

CVE-2020-15888 lua: stack resizes and garbage collection leads to heap-based buffer overflow↗2020-07-24

▶

Bugzilla

CVE-2020-15888 lua: stack resizes and garbage collection leads to heap-based buffer overflow [fedora-all]↗2020-07-24

▶