Vulnerability CVE-2014-5461: Information

Description

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

Severity: MEDIUM (5.0)

URL: https://nvd.nist.gov/vuln/detail/CVE-2014-5461
Published: Sept. 4, 2014
Modified: May 3, 2023
Error type identifier: CWE-119

References to Advisories, Solutions, and Tools

Hyperlink
Resource
[oss-security] 20140821 Re: CVE request: possible overflow in vararg functions
  • Exploit
  • Mailing List
  • Patch
  • Third Party Advisory
69342
  • Third Party Advisory
  • VDB Entry
[oss-security] 20140821 CVE request: possible overflow in vararg functions
  • Exploit
  • Mailing List
  • Patch
  • Third Party Advisory
DSA-3016
  • Third Party Advisory
DSA-3015
  • Third Party Advisory
http://www.lua.org/bugs.html#5.2.2-1
  • Patch
  • Vendor Advisory
[oss-security] 20140827 Re: Lua CVE request [was Re: CVE request: possible overflow in vararg functions]
  • Mailing List
  • Third Party Advisory
59890
    60869
      USN-2338-1
      • Third Party Advisory
      openSUSE-SU-2014:1145
      • Third Party Advisory
      http://advisories.mageia.org/MGASA-2014-0414.html
      • Third Party Advisory
      MDVSA-2015:144
      • Broken Link
      61411
        GLSA-201701-53
          GLSA-202305-23

              1. Configuration 1

                cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
                cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

                Configuration 2

                cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
                cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

                Configuration 3

                cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

                Configuration 4

                cpe:2.3:a:lua:lua:5.1.3:*:*:*:*:*:*:*
                cpe:2.3:a:lua:lua:5.1.4:*:*:*:*:*:*:*
                cpe:2.3:a:lua:lua:5.1.2:*:*:*:*:*:*:*
                cpe:2.3:a:lua:lua:5.1.5:*:*:*:*:*:*:*
                cpe:2.3:a:lua:lua:5.1.1:*:*:*:*:*:*:*
                cpe:2.3:a:lua:lua:5.1:*:*:*:*:*:*:*
                cpe:2.3:a:lua:lua:5.2.1:*:*:*:*:*:*:*
                cpe:2.3:a:lua:lua:5.2.0:*:*:*:*:*:*:*
                cpe:2.3:a:lua:lua:5.2.2:*:*:*:*:*:*:*

                Configuration 5

                cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*
                cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*
            VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
            Version: v24.5.0
            Back to top