2104427 – (CVE-2022-33099) CVE-2022-33099 lua: heap buffer overflow in luaG_errormsg() in ldebug.c due to uncontrolled recursion in error handling

Bug 2104427 (CVE-2022-33099) - CVE-2022-33099 lua: heap buffer overflow in luaG_errormsg() in ldebug.c due to uncontrolled recursion in error handling

Summary: CVE-2022-33099 lua: heap buffer overflow in luaG_errormsg() in ldebug.c due t...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2022-33099
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2104501 2104743 2104744 2104745 2132325 2132326 2132327 2137384
Blocks:	2103258
TreeView+	depends on / blocked

Reported:	2022-07-06 08:58 UTC by TEJ RATHI
Modified:	2024-03-18 13:17 UTC (History)
CC List:	34 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2022-12-09 00:13:32 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2022:7329	0	None	None	None	2022-11-02 14:35:10 UTC

Description TEJ RATHI 2022-07-06 08:58:29 UTC

An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.

https://lua-users.org/lists/lua-l/2022-05/msg00035.html
https://lua-users.org/lists/lua-l/2022-05/msg00073.html
https://lua-users.org/lists/lua-l/2022-05/msg00042.html
https://www.lua.org/bugs.html#Lua-stack%20overflow%20when%20C%20stack%20overflows%20while%20handling%20an%20error:~:text=Lua%2Dstack%20overflow%20when%20C%20stack%20overflows%20while%20handling%20an%20error
https://github.com/lua/lua/commit/42d40581dd919fb134c07027ca1ce0844c670daf

Comment 2 TEJ RATHI 2022-07-07 05:04:31 UTC

Created compat-lua tracking bugs for this issue:

Affects: epel-all [bug 2104744]
Affects: fedora-all [bug 2104745]


Created lua tracking bugs for this issue:

Affects: fedora-all [bug 2104743]

Comment 14 errata-xmlrpc 2022-11-02 14:35:07 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:7329 https://access.redhat.com/errata/RHSA-2022:7329

Comment 16 Product Security DevOps Team 2022-12-09 00:13:29 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-33099

Note You need to log in before you can comment on or make changes to this bug.

4le
bdettelb
carl
caswilli
csutherl
dffrench
drjohnson1
epel-packagers-sig
fedora
fjansen
gzaronik
hdegoede
jburrell
jclere
jwon
kaycoth
lua-packagers-sig
mdomonko
mhroncok
michel
moceap
mschmidt
mturk
ngough
packaging-team-maint
peholase
pjindal
plodge
pmatilai
rgodfrey
rob.myers
spotrh
sthirugn
vkrizan