VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Sep 4, 2014· Updated May 6, 2026

CVE-2014-5461

CVE-2014-5461

Description

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

Affected products

16
  • Lua/Lua9 versions
    cpe:2.3:a:lua:lua:5.1:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:lua:lua:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:lua:lua:5.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:lua:lua:5.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:lua:lua:5.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:lua:lua:5.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:lua:lua:5.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:lua:lua:5.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:lua:lua:5.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:lua:lua:5.2.2:*:*:*:*:*:*:*
  • Canonical (company)/Ubuntu Linux2 versions
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 1 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • Debian/Debian Linux
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • Mageia/Mageia2 versions
    cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

16

News mentions

0

No linked articles in our index yet.