Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
Weakness
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lua | Lua | 5.1.0 (including) | 5.3.5 (excluding) |
| Lua | Lua | 5.4.0 (including) | 5.4.4 (excluding) |
| Red Hat Enterprise Linux 9 | RedHat | lua-0:5.4.4-2.el9_1 | * |
| Red Hat Enterprise Linux 9 | RedHat | lua-0:5.4.4-2.el9_1 | * |
| Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | lua-0:5.4.4-1.el9_0.1 | * |
| Ardour | Ubuntu | bionic | * |
| Ardour | Ubuntu | hirsute | * |
| Ardour | Ubuntu | impish | * |
| Ardour | Ubuntu | kinetic | * |
| Ardour | Ubuntu | trusty | * |
| Ardour | Ubuntu | xenial | * |
| Bam | Ubuntu | bionic | * |
| Bam | Ubuntu | focal | * |
| Bam | Ubuntu | hirsute | * |
| Bam | Ubuntu | impish | * |
| Bam | Ubuntu | kinetic | * |
| Bam | Ubuntu | lunar | * |
| Bam | Ubuntu | mantic | * |
| Bam | Ubuntu | oracular | * |
| Bam | Ubuntu | plucky | * |
| Bam | Ubuntu | trusty | * |
| Bam | Ubuntu | xenial | * |
| Blobby | Ubuntu | bionic | * |
| Blobby | Ubuntu | focal | * |
| Blobby | Ubuntu | hirsute | * |
| Blobby | Ubuntu | impish | * |
| Blobby | Ubuntu | kinetic | * |
| Blobby | Ubuntu | lunar | * |
| Blobby | Ubuntu | mantic | * |
| Blobby | Ubuntu | oracular | * |
| Blobby | Ubuntu | plucky | * |
| Blobby | Ubuntu | trusty | * |
| Blobby | Ubuntu | xenial | * |
| Ceph | Ubuntu | hirsute | * |
| Ceph | Ubuntu | impish | * |
| Ceph | Ubuntu | trusty | * |
| Ceph | Ubuntu | xenial | * |
| Darktable | Ubuntu | bionic | * |
| Darktable | Ubuntu | focal | * |
| Darktable | Ubuntu | hirsute | * |
| Darktable | Ubuntu | impish | * |
| Darktable | Ubuntu | kinetic | * |
| Darktable | Ubuntu | lunar | * |
| Darktable | Ubuntu | mantic | * |
| Darktable | Ubuntu | oracular | * |
| Darktable | Ubuntu | plucky | * |
| Darktable | Ubuntu | trusty | * |
| Darktable | Ubuntu | xenial | * |
| Eja | Ubuntu | bionic | * |
| Eja | Ubuntu | focal | * |
| Eja | Ubuntu | hirsute | * |
| Eja | Ubuntu | impish | * |
| Eja | Ubuntu | kinetic | * |
| Eja | Ubuntu | lunar | * |
| Eja | Ubuntu | mantic | * |
| Eja | Ubuntu | trusty | * |
| Eja | Ubuntu | xenial | * |
| Emscripten | Ubuntu | bionic | * |
| Emscripten | Ubuntu | hirsute | * |
| Emscripten | Ubuntu | impish | * |
| Emscripten | Ubuntu | kinetic | * |
| Emscripten | Ubuntu | lunar | * |
| Emscripten | Ubuntu | mantic | * |
| Emscripten | Ubuntu | oracular | * |
| Emscripten | Ubuntu | plucky | * |
| Emscripten | Ubuntu | trusty | * |
| Emscripten | Ubuntu | xenial | * |
| Enigma | Ubuntu | bionic | * |
| Enigma | Ubuntu | hirsute | * |
| Enigma | Ubuntu | impish | * |
| Enigma | Ubuntu | kinetic | * |
| Enigma | Ubuntu | trusty | * |
| Enigma | Ubuntu | xenial | * |
| Freeciv | Ubuntu | bionic | * |
| Freeciv | Ubuntu | hirsute | * |
| Freeciv | Ubuntu | impish | * |
| Freeciv | Ubuntu | kinetic | * |
| Freeciv | Ubuntu | trusty | * |
| Freeciv | Ubuntu | xenial | * |
| Freedroidrpg | Ubuntu | bionic | * |
| Freedroidrpg | Ubuntu | focal | * |
| Freedroidrpg | Ubuntu | hirsute | * |
| Freedroidrpg | Ubuntu | impish | * |
| Freedroidrpg | Ubuntu | kinetic | * |
| Freedroidrpg | Ubuntu | lunar | * |
| Freedroidrpg | Ubuntu | mantic | * |
| Freedroidrpg | Ubuntu | oracular | * |
| Freedroidrpg | Ubuntu | plucky | * |
| Freedroidrpg | Ubuntu | trusty | * |
| Freedroidrpg | Ubuntu | xenial | * |
| Fs-uae | Ubuntu | bionic | * |
| Fs-uae | Ubuntu | focal | * |
| Fs-uae | Ubuntu | hirsute | * |
| Fs-uae | Ubuntu | impish | * |
| Fs-uae | Ubuntu | kinetic | * |
| Fs-uae | Ubuntu | lunar | * |
| Fs-uae | Ubuntu | mantic | * |
| Fs-uae | Ubuntu | oracular | * |
| Fs-uae | Ubuntu | plucky | * |
| Fs-uae | Ubuntu | trusty | * |
| Fs-uae | Ubuntu | xenial | * |
| Golly | Ubuntu | bionic | * |
| Golly | Ubuntu | focal | * |
| Golly | Ubuntu | hirsute | * |
| Golly | Ubuntu | impish | * |
| Golly | Ubuntu | kinetic | * |
| Golly | Ubuntu | lunar | * |
| Golly | Ubuntu | mantic | * |
| Golly | Ubuntu | oracular | * |
| Golly | Ubuntu | plucky | * |
| Golly | Ubuntu | trusty | * |
| Golly | Ubuntu | xenial | * |
| Goxel | Ubuntu | bionic | * |
| Goxel | Ubuntu | focal | * |
| Goxel | Ubuntu | hirsute | * |
| Goxel | Ubuntu | impish | * |
| Goxel | Ubuntu | kinetic | * |
| Goxel | Ubuntu | lunar | * |
| Goxel | Ubuntu | mantic | * |
| Goxel | Ubuntu | oracular | * |
| Goxel | Ubuntu | plucky | * |
| Goxel | Ubuntu | trusty | * |
| Goxel | Ubuntu | xenial | * |
| Grub2 | Ubuntu | hirsute | * |
| Grub2 | Ubuntu | impish | * |
| Grub2 | Ubuntu | trusty | * |
| Grub2 | Ubuntu | xenial | * |
| Gtk2-engines | Ubuntu | bionic | * |
| Gtk2-engines | Ubuntu | hirsute | * |
| Gtk2-engines | Ubuntu | impish | * |
| Gtk2-engines | Ubuntu | kinetic | * |
| Gtk2-engines | Ubuntu | trusty | * |
| Gtk2-engines | Ubuntu | xenial | * |
| Haskell-hslua | Ubuntu | bionic | * |
| Haskell-hslua | Ubuntu | hirsute | * |
| Haskell-hslua | Ubuntu | impish | * |
| Haskell-hslua | Ubuntu | kinetic | * |
| Haskell-hslua | Ubuntu | trusty | * |
| Haskell-hslua | Ubuntu | xenial | * |
| Hedgewars | Ubuntu | bionic | * |
| Hedgewars | Ubuntu | hirsute | * |
| Hedgewars | Ubuntu | impish | * |
| Hedgewars | Ubuntu | kinetic | * |
| Hedgewars | Ubuntu | trusty | * |
| Hedgewars | Ubuntu | xenial | * |
| Lua5.1 | Ubuntu | hirsute | * |
| Lua5.1 | Ubuntu | impish | * |
| Lua5.1 | Ubuntu | trusty | * |
| Lua5.1 | Ubuntu | xenial | * |
| Lua5.2 | Ubuntu | bionic | * |
| Lua5.2 | Ubuntu | hirsute | * |
| Lua5.2 | Ubuntu | impish | * |
| Lua5.2 | Ubuntu | kinetic | * |
| Lua5.2 | Ubuntu | trusty | * |
| Lua5.2 | Ubuntu | xenial | * |
| Lua5.3 | Ubuntu | bionic | * |
| Lua5.3 | Ubuntu | hirsute | * |
| Lua5.3 | Ubuntu | impish | * |
| Lua5.3 | Ubuntu | kinetic | * |
| Lua5.3 | Ubuntu | trusty | * |
| Lua5.3 | Ubuntu | xenial | * |
| Lua5.4 | Ubuntu | hirsute | * |
| Lua5.4 | Ubuntu | impish | * |
| Lua5.4 | Ubuntu | trusty | * |
| Lua5.4 | Ubuntu | upstream | * |
| Lua50 | Ubuntu | bionic | * |
| Lua50 | Ubuntu | hirsute | * |
| Lua50 | Ubuntu | impish | * |
| Lua50 | Ubuntu | trusty | * |
| Lua50 | Ubuntu | xenial | * |
| Luajit | Ubuntu | bionic | * |
| Luajit | Ubuntu | hirsute | * |
| Luajit | Ubuntu | impish | * |
| Luajit | Ubuntu | kinetic | * |
| Luajit | Ubuntu | trusty | * |
| Luajit | Ubuntu | xenial | * |
| Mame | Ubuntu | bionic | * |
| Mame | Ubuntu | hirsute | * |
| Mame | Ubuntu | impish | * |
| Mame | Ubuntu | kinetic | * |
| Mame | Ubuntu | trusty | * |
| Mame | Ubuntu | xenial | * |
| Naev | Ubuntu | focal | * |
| Naev | Ubuntu | hirsute | * |
| Naev | Ubuntu | impish | * |
| Naev | Ubuntu | kinetic | * |
| Naev | Ubuntu | lunar | * |
| Naev | Ubuntu | mantic | * |
| Naev | Ubuntu | oracular | * |
| Naev | Ubuntu | plucky | * |
| Naev | Ubuntu | trusty | * |
| Naev | Ubuntu | xenial | * |
| Openscenegraph | Ubuntu | bionic | * |
| Openscenegraph | Ubuntu | hirsute | * |
| Openscenegraph | Ubuntu | impish | * |
| Openscenegraph | Ubuntu | kinetic | * |
| Openscenegraph | Ubuntu | trusty | * |
| Openscenegraph | Ubuntu | xenial | * |
| Redis | Ubuntu | trusty | * |
| Redis | Ubuntu | xenial | * |
| Rust-lua52-sys | Ubuntu | focal | * |
| Rust-lua52-sys | Ubuntu | hirsute | * |
| Rust-lua52-sys | Ubuntu | impish | * |
| Rust-lua52-sys | Ubuntu | kinetic | * |
| Rust-lua52-sys | Ubuntu | lunar | * |
| Rust-lua52-sys | Ubuntu | mantic | * |
| Rust-lua52-sys | Ubuntu | oracular | * |
| Rust-lua52-sys | Ubuntu | plucky | * |
| Rust-lua52-sys | Ubuntu | trusty | * |
| Rust-lua52-sys | Ubuntu | xenial | * |
| Scite | Ubuntu | bionic | * |
| Scite | Ubuntu | focal | * |
| Scite | Ubuntu | hirsute | * |
| Scite | Ubuntu | impish | * |
| Scite | Ubuntu | kinetic | * |
| Scite | Ubuntu | lunar | * |
| Scite | Ubuntu | mantic | * |
| Scite | Ubuntu | oracular | * |
| Scite | Ubuntu | plucky | * |
| Scite | Ubuntu | trusty | * |
| Scite | Ubuntu | xenial | * |
| Scorched3d | Ubuntu | bionic | * |
| Scorched3d | Ubuntu | focal | * |
| Scorched3d | Ubuntu | hirsute | * |
| Scorched3d | Ubuntu | impish | * |
| Scorched3d | Ubuntu | kinetic | * |
| Scorched3d | Ubuntu | lunar | * |
| Scorched3d | Ubuntu | mantic | * |
| Scorched3d | Ubuntu | oracular | * |
| Scorched3d | Ubuntu | plucky | * |
| Scorched3d | Ubuntu | trusty | * |
| Scorched3d | Ubuntu | xenial | * |
| Scummvm | Ubuntu | bionic | * |
| Scummvm | Ubuntu | hirsute | * |
| Scummvm | Ubuntu | impish | * |
| Scummvm | Ubuntu | kinetic | * |
| Scummvm | Ubuntu | trusty | * |
| Scummvm | Ubuntu | xenial | * |
| Spring | Ubuntu | bionic | * |
| Spring | Ubuntu | hirsute | * |
| Spring | Ubuntu | impish | * |
| Spring | Ubuntu | kinetic | * |
| Spring | Ubuntu | trusty | * |
| Spring | Ubuntu | xenial | * |
| Syslinux | Ubuntu | bionic | * |
| Syslinux | Ubuntu | hirsute | * |
| Syslinux | Ubuntu | impish | * |
| Syslinux | Ubuntu | kinetic | * |
| Syslinux | Ubuntu | trusty | * |
| Syslinux | Ubuntu | xenial | * |
| Syslinux-legacy | Ubuntu | bionic | * |
| Syslinux-legacy | Ubuntu | trusty | * |
| Syslinux-legacy | Ubuntu | xenial | * |
| Tagua | Ubuntu | bionic | * |
| Tagua | Ubuntu | hirsute | * |
| Tagua | Ubuntu | impish | * |
| Tagua | Ubuntu | kinetic | * |
| Tagua | Ubuntu | trusty | * |
| Tagua | Ubuntu | xenial | * |
| Tarantool | Ubuntu | focal | * |
| Tarantool | Ubuntu | hirsute | * |
| Tarantool | Ubuntu | impish | * |
| Tarantool | Ubuntu | kinetic | * |
| Tarantool | Ubuntu | lunar | * |
| Tarantool | Ubuntu | mantic | * |
| Tarantool | Ubuntu | oracular | * |
| Tarantool | Ubuntu | plucky | * |
| Tarantool | Ubuntu | trusty | * |
| Tarantool | Ubuntu | xenial | * |
| Texlive-bin | Ubuntu | bionic | * |
| Texlive-bin | Ubuntu | hirsute | * |
| Texlive-bin | Ubuntu | impish | * |
| Texlive-bin | Ubuntu | kinetic | * |
| Texlive-bin | Ubuntu | trusty | * |
| Texlive-bin | Ubuntu | xenial | * |
| Tup | Ubuntu | focal | * |
| Tup | Ubuntu | hirsute | * |
| Tup | Ubuntu | impish | * |
| Tup | Ubuntu | kinetic | * |
| Tup | Ubuntu | lunar | * |
| Tup | Ubuntu | mantic | * |
| Tup | Ubuntu | oracular | * |
| Tup | Ubuntu | plucky | * |
| Tup | Ubuntu | trusty | * |
| Tup | Ubuntu | xenial | * |
| Ufoai | Ubuntu | bionic | * |
| Ufoai | Ubuntu | hirsute | * |
| Ufoai | Ubuntu | impish | * |
| Ufoai | Ubuntu | kinetic | * |
| Ufoai | Ubuntu | trusty | * |
| Ufoai | Ubuntu | xenial | * |
| Vifm | Ubuntu | bionic | * |
| Vifm | Ubuntu | focal | * |
| Vifm | Ubuntu | hirsute | * |
| Vifm | Ubuntu | impish | * |
| Vifm | Ubuntu | kinetic | * |
| Vifm | Ubuntu | lunar | * |
| Vifm | Ubuntu | mantic | * |
| Vifm | Ubuntu | oracular | * |
| Vifm | Ubuntu | plucky | * |
| Vifm | Ubuntu | trusty | * |
| Vifm | Ubuntu | xenial | * |
| Wcc | Ubuntu | bionic | * |
| Wcc | Ubuntu | focal | * |
| Wcc | Ubuntu | hirsute | * |
| Wcc | Ubuntu | impish | * |
| Wcc | Ubuntu | kinetic | * |
| Wcc | Ubuntu | lunar | * |
| Wcc | Ubuntu | mantic | * |
| Wcc | Ubuntu | oracular | * |
| Wcc | Ubuntu | plucky | * |
| Wcc | Ubuntu | trusty | * |
| Wcc | Ubuntu | xenial | * |
| Wesnoth | Ubuntu | trusty | * |
| Wesnoth | Ubuntu | xenial | * |
| Widelands | Ubuntu | bionic | * |
| Widelands | Ubuntu | focal | * |
| Widelands | Ubuntu | hirsute | * |
| Widelands | Ubuntu | impish | * |
| Widelands | Ubuntu | kinetic | * |
| Widelands | Ubuntu | lunar | * |
| Widelands | Ubuntu | mantic | * |
| Widelands | Ubuntu | oracular | * |
| Widelands | Ubuntu | plucky | * |
| Widelands | Ubuntu | trusty | * |
| Widelands | Ubuntu | xenial | * |
| Xmoto | Ubuntu | bionic | * |
| Xmoto | Ubuntu | hirsute | * |
| Xmoto | Ubuntu | impish | * |
| Xmoto | Ubuntu | kinetic | * |
| Xmoto | Ubuntu | trusty | * |
| Xmoto | Ubuntu | xenial | * |
| Zfs-linux | Ubuntu | bionic | * |
| Zfs-linux | Ubuntu | hirsute | * |
| Zfs-linux | Ubuntu | impish | * |
| Zfs-linux | Ubuntu | kinetic | * |
| Zfs-linux | Ubuntu | trusty | * |
| Zfs-linux | Ubuntu | xenial | * |
Potential Mitigations
Related Attack Patterns
References
- http://lua-users.org/lists/lua-l/2021-10/msg00123.html
- http://lua-users.org/lists/lua-l/2021-11/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7XHFYHGSZKL53VCLSJSAJ6VMFGAIXKO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3EMGAQ5Y6GXJLY4K5DUOOEQT4MZ4J4F/
- http://lua-users.org/lists/lua-l/2021-10/msg00123.html
- http://lua-users.org/lists/lua-l/2021-11/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7XHFYHGSZKL53VCLSJSAJ6VMFGAIXKO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3EMGAQ5Y6GXJLY4K5DUOOEQT4MZ4J4F/