CVE-2020-15888 - OpenCVE

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Lua	Lua

Configuration 1 [-]

cpe:2.3:a:lua:lua:5.4.0:-:*:*:*:*:*:*

References

Link	Resource
http://lua-users.org/lists/lua-l/2020-07/msg00053.html	Exploit Mailing List Third Party Advisory
http://lua-users.org/lists/lua-l/2020-07/msg00054.html	Exploit Mailing List Third Party Advisory
http://lua-users.org/lists/lua-l/2020-07/msg00071.html	Exploit Mailing List Third Party Advisory
http://lua-users.org/lists/lua-l/2020-07/msg00079.html	Exploit Mailing List Third Party Advisory
https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7	Patch Third Party Advisory
https://github.com/lua/lua/commit/eb41999461b6f428186c55abd95f4ce1a76217d5	Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-07-21T21:36:02

Updated: 2020-07-21T21:36:02

Reserved: 2020-07-21T00:00:00

Link: CVE-2020-15888

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-07-21T22:15:12.090

Modified: 2023-05-16T22:31:05.550

Link: CVE-2020-15888

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-21T21:36:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/lua/lua/commit/eb41999461b6f428186c55abd95f4ce1a76217d5"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7"}, {"tags": ["x_refsource_MISC"], "url": "http://lua-users.org/lists/lua-l/2020-07/msg00053.html"}, {"tags": ["x_refsource_MISC"], "url": "http://lua-users.org/lists/lua-l/2020-07/msg00054.html"}, {"tags": ["x_refsource_MISC"], "url": "http://lua-users.org/lists/lua-l/2020-07/msg00071.html"}, {"tags": ["x_refsource_MISC"], "url": "http://lua-users.org/lists/lua-l/2020-07/msg00079.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-15888", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/lua/lua/commit/eb41999461b6f428186c55abd95f4ce1a76217d5", "refsource": "MISC", "url": "https://github.com/lua/lua/commit/eb41999461b6f428186c55abd95f4ce1a76217d5"}, {"name": "https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7", "refsource": "MISC", "url": "https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7"}, {"name": "http://lua-users.org/lists/lua-l/2020-07/msg00053.html", "refsource": "MISC", "url": "http://lua-users.org/lists/lua-l/2020-07/msg00053.html"}, {"name": "http://lua-users.org/lists/lua-l/2020-07/msg00054.html", "refsource": "MISC", "url": "http://lua-users.org/lists/lua-l/2020-07/msg00054.html"}, {"name": "http://lua-users.org/lists/lua-l/2020-07/msg00071.html", "refsource": "MISC", "url": "http://lua-users.org/lists/lua-l/2020-07/msg00071.html"}, {"name": "http://lua-users.org/lists/lua-l/2020-07/msg00079.html", "refsource": "MISC", "url": "http://lua-users.org/lists/lua-l/2020-07/msg00079.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-15888", "datePublished": "2020-07-21T21:36:02", "dateReserved": "2020-07-21T00:00:00", "dateUpdated": "2020-07-21T21:36:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lua:lua:5.4.0:-:*:*:*:*:*:*", "matchCriteriaId": "E9F78BF8-B73C-42C6-AF54-2CD935670053", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free."}, {"lang": "es", "value": "Lua versiones hasta 5.4.0, maneja inapropiadamente la interacci\u00f3n entre el cambio de tama\u00f1o de la pila y la recolecci\u00f3n de basura, conllevando a un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria, a una lectura excesiva del b\u00fafer en la regi\u00f3n heap de la memoria o un uso de la memoria previamente liberada"}], "id": "CVE-2020-15888", "lastModified": "2023-05-16T22:31:05.550", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-21T22:15:12.090", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://lua-users.org/lists/lua-l/2020-07/msg00053.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://lua-users.org/lists/lua-l/2020-07/msg00054.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://lua-users.org/lists/lua-l/2020-07/msg00071.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://lua-users.org/lists/lua-l/2020-07/msg00079.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/lua/lua/commit/eb41999461b6f428186c55abd95f4ce1a76217d5"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-416"}, {"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}