Wind River Support Network

HomeDefectsLIN1022-3903
Fixed

LIN1022-3903 : Security Advisory - lua - CVE-2021-45985

Created: Apr 10, 2023    Updated: Apr 26, 2023
Resolved Date: Apr 25, 2023
Found In Version: 10.22.33.1
Fix Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read.

CREATE(Triage):(User=admin) CVE-2021-45985 (https://nvd.nist.gov/vuln/detail/CVE-2021-45985)

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube