CVE-2019-6706

Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
lualua
5.3.5
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
18.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
lua5.1
bullseye
5.1.5-8.1
fixed
sid
5.1.5-9
fixed
trixie
5.1.5-9
fixed
bookworm
5.1.5-9
fixed
lua5.2
bullseye
5.2.4-1.1
fixed
sid
5.2.4-3
fixed
trixie
5.2.4-3
fixed
bookworm
5.2.4-3
fixed
lua5.3
bullseye
5.3.3-1.1+deb11u1
fixed
sid
5.3.6-2
fixed
trixie
5.3.6-2
fixed
bookworm
5.3.6-2
fixed
lua50
bullseye
5.0.3-8.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
lua5.1
cosmic
not-affected
bionic
not-affected
xenial
not-affected
trusty
not-affected
lua5.2
cosmic
not-affected
bionic
not-affected
xenial
not-affected
trusty
not-affected
lua5.3
cosmic
Fixed 5.3.3-1ubuntu0.18.10.1
released
bionic
Fixed 5.3.3-1ubuntu0.18.04.1
released
xenial
Fixed 5.3.1-1ubuntu2.1
released
trusty
dne
lua50
cosmic
not-affected
bionic
not-affected
xenial
not-affected
trusty
dne
Common Weakness Enumeration
References
http://lua-users.org/lists/lua-l/2019-01/msg00039.html
http://packetstormsecurity.com/files/151335/Lua-5.3.5-Use-After-Free.html
https://access.redhat.com/security/cve/cve-2019-6706
https://github.com/Lua-Project/cve-analysis/blob/a43c9ccd00274b31fa2f24c6c8f20ce36655682d/CVE-2019-6706.pdf
https://github.com/lua/lua/commit/89aee84cbc9224f638f3b7951b306d2ee8ecb71e
https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html
http://lua-users.org/lists/lua-l/2019-01/msg00039.html
http://packetstormsecurity.com/files/151335/Lua-5.3.5-Use-After-Free.html
https://access.redhat.com/security/cve/cve-2019-6706
https://github.com/Lua-Project/cve-analysis/blob/a43c9ccd00274b31fa2f24c6c8f20ce36655682d/CVE-2019-6706.pdf
https://github.com/lua/lua/commit/89aee84cbc9224f638f3b7951b306d2ee8ecb71e
https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html