CVE-2014-5461

Description

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

Affected packages (5)

• Debian/lua5.1from 0, < 5.1.5-7
• Debian/lua5.1from 0, < 5.1.4-5+deb6u1
• Debian/lua5.1from 0, < 5.1.5-4+deb7u1
• Debian/lua5.2from 0, < 5.2.3-1
• Debian/lua5.2from 0, < 5.2.1-3+deb7u1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-5461