CVE-2022-28805 — Out-of-bounds Read in LUA

CWE-125 — Out-of-bounds Read8 documents7 sources

Severity

9.1CRITICALNVD

EPSS

0.2%

top 61.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

LUA Debian Lua5.1 Debian Lua5.2 +28 more

Timeline

PublishedApr 8

Latest updateJul 29

Description

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages30 packages

▶NVDlua/lua5.4.0 — 5.4.5

▶debiandebian/lua50< lua5.4 5.4.4-2 (bookworm)

▶debiandebian/lua5.1< lua5.4 5.4.4-2 (bookworm)

▶debiandebian/lua5.2< lua5.4 5.4.4-2 (bookworm)

▶debiandebian/lua5.3< lua5.4 5.4.4-2 (bookworm)

Also affects: Fedora 35, 36

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

lua5.4 vulnerabilities↗2024-07-29

▶

GHSA

GHSA-pxhp-rhgc-5jx8: singlevar in lparser↗2022-04-09

▶

OSV

CVE-2022-28805: singlevar in lparser↗2022-04-08

▶

📋Vendor Advisories

Ubuntu

Lua vulnerabilities↗2024-07-29

▶

Microsoft

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call leading to a heap-based buffer over-read that might affect a system that compiles un↗2022-04-12

▶

Red Hat

lua: heap buffer overread↗2022-04-08

▶

Debian

CVE-2022-28805: lua5.1 - singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lac...↗2022

▶