CVE-2021-43519 – lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file

https://notcve.org/view.php?id=CVE-2021-43519

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file. UN desbordamiento de pila en la función lua_resume del archivo ldo.c en Lua Interpreter versiones 5.1.0~5.4.4, permite a atacantes llevar a cabo una Denegación de Servicio por medio de un archivo de script diseñado A stack overflow issue was discovered in Lua in the lua_resume() function of 'ldo.c'. This flaw allows a local attacker to pass a specially crafted file to the Lua Interpreter, causing a crash that leads to a denial of service. • http://lua-users.org/lists/lua-l/2021-10/msg00123.html http://lua-users.org/lists/lua-l/2021-11/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7XHFYHGSZKL53VCLSJSAJ6VMFGAIXKO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3EMGAQ5Y6GXJLY4K5DUOOEQT4MZ4J4F https://access.redhat.com/security/cve/CVE-2021-43519 https://bugzilla.redhat.com/show_bug.cgi?id=2047672 • CWE-674: Uncontrolled Recursion CWE-787: Out-of-bounds Write •