Mike Pall - Security Researcher - Exploit Intelligence Platform

CVE-2024-25176 WRITEUP CRITICAL WRITEUP

LuaJIT <2.1-20240626 - Buffer Overflow

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.

CVSS 9.8

View Code

CVE-2024-25176 WRITEUP CRITICAL WRITEUP

LuaJIT <2.1-20240626 - Buffer Overflow

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.

CVSS 9.8

View Code

CVE-2024-25177 WRITEUP HIGH WRITEUP

LuaJIT <2.1 - DoS

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS).

CVSS 7.5

View Code

CVE-2024-25177 WRITEUP HIGH WRITEUP

LuaJIT <2.1 - DoS

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS).

CVSS 7.5

View Code

CVE-2024-25178 WRITEUP CRITICAL WRITEUP

LuaJIT <2.1 - Memory Corruption

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c.

CVSS 9.1

View Code

CVE-2024-25178 WRITEUP CRITICAL WRITEUP

LuaJIT <2.1 - Memory Corruption

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c.

CVSS 9.1

View Code