Segmentation Fault Vulnerability in Lua by Lua.org
CVE-2020-15945

5.5MEDIUM

Key Information:

Vendor: Lua
Status: Lua
Vendor: CVE Published:; 24 July 2020

What is CVE-2020-15945?

The Lua programming language, up to version 5.4.0, contains a segmentation fault vulnerability that occurs in the 'changedline' function located within 'ldebug.c'. During the execution of a function, the flow control does not properly update the 'oldpc' value, which can lead to unpredictable behavior or crashes. This vulnerability highlights the importance of correct state handling in control flow mechanics within programming languages, particularly for execution tracing mechanisms.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lua-users.org/lists/lua-l/2020-07/msg00123.html

https://github.com/lua/lua/commit/a2195644d89812e5b157ce7...

https://www.lua.org/bugs.html#5.4.0-8

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 24, 2020
Vulnerability Reserved
Jul 24, 2020

JSON

Lua

What is CVE-2020-15945?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.