Unrated severityNVD Advisory· Published Aug 13, 2020· Updated Aug 4, 2024
CVE-2020-24342
CVE-2020-24342
Description
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Lua/Luadescription
- osv-coords2 versions
>= 5.4.0, < 5.4.1+ 1 more
- (no CPE)range: >= 5.4.0, < 5.4.1
- (no CPE)range: < 5.5.0~beta1-1.1
Patches
Vulnerability mechanics
References
3- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QA5Q5MDQMTGXRQO3PAQ4EZFTYWJXZM5N/mitrevendor-advisoryx_refsource_FEDORA
- lua-users.org/lists/lua-l/2020-07/msg00052.htmlmitrex_refsource_MISC
- github.com/lua/lua/commit/34affe7a63fc5d842580a9f23616d057e17dfe27mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.