Unrated severityNVD Advisory· Published Mar 14, 2022· Updated Aug 4, 2024
CVE-2021-44964
CVE-2021-44964
Description
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Lua/Lua interpreterdescription
- osv-coords4 versions
>= 5.4.0, < 5.4.4+ 3 more
- (no CPE)range: >= 5.4.0, < 5.4.4
- (no CPE)range: < 5.4.4-2.el9_1
- (no CPE)range: < 5.4.4-2.el9_1
- (no CPE)range: < 5.4.4-2.el9_1
Patches
Vulnerability mechanics
References
4- lua-users.org/lists/lua-l/2021-11/msg00186.htmlmitrex_refsource_MISC
- lua-users.org/lists/lua-l/2021-12/msg00007.htmlmitrex_refsource_MISC
- lua-users.org/lists/lua-l/2021-12/msg00015.htmlmitrex_refsource_MISC
- lua-users.org/lists/lua-l/2021-12/msg00030.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.