High severity7.5NVD Advisory· Published Jul 7, 2025· Updated Jun 17, 2026
CVE-2024-25177
CVE-2024-25177
Description
LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15- osv-coords12 versionspkg:apk/chainguard/luajitpkg:apk/chainguard/luajit-devpkg:apk/chainguard/luajit-docpkg:apk/wolfi/luajitpkg:apk/wolfi/luajit-devpkg:apk/wolfi/luajit-docpkg:rpm/opensuse/lua51-luajit&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/luajit&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/luajit&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/luajit&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/luajit&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/luajit&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7
< 0+ 11 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 2.1.0~beta2-150000.3.3.1
- (no CPE)range: < 2.1.0~beta3+git.1624618403.e9577376-150400.4.5.1
- (no CPE)range: < 2.1.0~beta3+git.1624618403.e9577376-150400.4.5.1
- (no CPE)range: < 2.1.0~beta3+git.1624618403.e9577376-150400.4.5.1
- (no CPE)range: < 2.1.0~beta3+git.1624618403.e9577376-150400.4.5.1
- (no CPE)range: < 2.1.0~beta3+git.1624618403.e9577376-150400.4.5.1
Patches
Vulnerability mechanics
References
5- github.com/LuaJIT/LuaJIT/commit/85b4fed0b0353dd78c8c875c2f562d522a2b310fnvdPatch
- github.com/LuaJIT/LuaJIT/issues/1147nvdExploitIssue Tracking
- gist.github.com/pwnhacker0x18/a73f560d79f2c3d4011d6c5a2676f04anvdThird Party Advisory
- github.com/openresty/luajit2/commit/85b4fed0b0353dd78c8c875c2f562d522a2b310fnvd
- lists.debian.org/debian-lts-announce/2025/08/msg00022.htmlnvd
News mentions
0No linked articles in our index yet.