CNNVD-202507-728 Information
CNNVD ID
CNNVD-202507-728
Related CVE
- CNNVD Published: 2025-07-07
Description (Chinese)
LuaJIT是LuaJIT开源的一款用于Lua语言的即时编译器。 LuaJIT 2.1及之前版本存在安全漏洞,该漏洞源于对NULL元表的IR_FSTORE处理不当,可能导致拒绝服务攻击。
Description (English)
LuaJIT is an instant compiler for the LuaJIT open source. There is a security loophole in LuaJIT 2.1 and earlier versions, which stems from the improper handling of IR FSTORE of the NULL dollar scale, which could lead to a denial of service attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
LuaJIT
Published
2025-07-07
Last Modified
2026-02-24
References
https://gist.github.com/pwnhacker0x18/a73f560d79f2c3d4011d6c5a2676f04a https://github.com/LuaJIT/LuaJIT/issues/1147 https://github.com/openresty/luajit2/commit/85b4fed0b0353dd78c8c875c2f562d522a2b310f https://github.com/LuaJIT/LuaJIT/commit/85b4fed0b0353dd78c8c875c2f562d522a2b310f https://vigilance.fr/vulnerability/LuaJIT-denial-of-service-via-IR-FSTORE-48026
Share on: