CVE-2022-28805

CRITICAL
Published Apr 8, 2022 · Modified Jun 17, 2026
9.1 CVSS 3.1
Critical

Description

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

CVSS Details

Base Score: 9.1
Exploitability: 3.9
Impact: 5.2
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read (Memory Safety)

Affected Products 3

Vendor          Product   Version   Range
lua             lua       *         ≥5.4.0 – <5.4.5
fedoraproject   fedora    35        any
fedoraproject   fedora    36        any

References 7

  • github.com https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa
    Patch, Third Party Advisory
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RJNJ66IFDUKWJJZXHGOLRGIA3HWWC36R/
    Third Party Advisory
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHYZOEFDVLVAD6EEP4CDW6DNONIVVHPA/
    Third Party Advisory
  • lua-users.org https://lua-users.org/lists/lua-l/2022-02/msg00001.html
    Exploit, Mailing List, Third Party Advisory
  • lua-users.org https://lua-users.org/lists/lua-l/2022-02/msg00070.html
    Exploit, Mailing List, Third Party Advisory
  • lua-users.org https://lua-users.org/lists/lua-l/2022-04/msg00009.html
    Exploit, Mailing List, Third Party Advisory
  • security.gentoo.org https://security.gentoo.org/glsa/202305-23
    Third Party Advisory

Remediation

  • github.com https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa
    Patch, Third Party Advisory