Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2020-15945
HistoryJul 24, 2020 - 12:00 a.m.

CVE-2020-15945

2020-07-2400:00:00
ubuntu.com
ubuntu.com
12
lua 5.4.0
segmentation fault
changedline
ldebug.c
cve-2020-15945
flow of control
vulnerable code

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0

Percentile

12.8%

JSON

Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c
(e.g., when called by luaG_traceexec) because it incorrectly expects that
an oldpc value is always updated upon a return of the flow of control to a
function.

Notes

Author Note
sbeattie older luas need checking as the code has changed but may still be vulnerable
mdeslaur couldn’t reproduce on lua earlier than 5.4. No indication that earlier versions are vulnerable. Marking not-affected.

Related

osv 2
nvd 1
cve 1
cbl_mariner 2
debiancve 1
prion 1
cvelist 1
redhatcve 1
rosalinux 1
nessus 3
photon 3
osv
osv
CVE-2020-15945
2020-07-24 21:15:34
BIT-lua-2020-15945
2024-03-06 10:57:19
nvd
nvd
CVE-2020-15945
2020-07-24 21:15:34
cve
cve
CVE-2020-15945
2020-07-24 21:15:34
cbl_mariner
cbl_mariner
CVE-2020-15945 affecting package lua 5.3.5-9
2024-09-30 09:32:21
CVE-2020-15945 affecting package lua for versions less than 5.4.3-1
2022-04-09 06:51:52
debiancve
debiancve
CVE-2020-15945
2020-07-24 21:15:34
prion
prion
Design/Logic Flaw
2020-07-24 21:15:00
cvelist
cvelist
CVE-2020-15945
2020-07-24 20:05:57
redhatcve
redhatcve
CVE-2020-15945
2020-07-30 06:43:25
rosalinux
rosalinux
Advisory ROSA-SA-2021-1910
2021-07-02 17:26:35
nessus
nessus
Photon OS 5.0: Nmap PHSA-2023-5.0-0036
2024-07-23 00:00:00
Photon OS 4.0: Nmap PHSA-2023-4.0-0517
2024-07-23 00:00:00
Photon OS 3.0: Nmap PHSA-2023-3.0-0601
2024-07-24 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0517
2023-11-20 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0036
2023-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0601
2023-06-20 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0

Percentile

12.8%

JSON
Related for UB:CVE-2020-15945
osv2nvd1cve1cbl_mariner2debiancve1prion1cvelist1redhatcve1rosalinux1nessus3photon3