Snippets Groups Projects

[3.10] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)

Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.

References:

http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
https://security-tracker.debian.org/tracker/CVE-2019-6706

(from redmine: issue id 10252, created on 2019-04-15, closed on 2019-05-06)

Relations:
- parent #10251 (closed)
Changesets:
- Revision 7571f6ce by Natanael Copa on 2019-05-06T17:03:40Z:

main/lua5.3: security fix for CVE-2019-6706

fixes #10252

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Child items ...

Activity

Alicha CH changed milestone to %3.10.0 5 years ago

changed milestone to %3.10.0
Alicha CH added Normal tag:security type:bug + 1 deleted label 5 years ago

added Normal tag:security type:bug + 1 deleted label
Natanael Copa @ncopa · 5 years ago

Owner

Applied in changeset alpine:commit:7571f6ce.

(from redmine: written on 2019-05-06)
algitbot closed 5 years ago

closed
Alicha CH mentioned in issue #10251 (closed) 5 years ago

mentioned in issue #10251 (closed)
Natanael Copa removed 1 deleted label 5 years ago

removed 1 deleted label

Please register or sign in to reply