SUSE-SU-2025:02886-1

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2024-25176 CVE-2024-25177 CVE-2024-25178

Published: 19 Aug 2025, 07:08

Last modified:04 Feb 2026, 02:42

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Aug 2025, 07:08

Published

Vulnerability first disclosed

04 Feb 2026, 02:42

Last Modified

Vulnerability information updated

Description

Security update for lua51-luajit This update for lua51-luajit fixes the following issues: - CVE-2024-25176: Fixed stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c (bsc#1246077) - CVE-2024-25177: Fixed unsinking of IR_FSTORE for NULL metatable (bsc#1246078) - CVE-2024-25178: Fixed ut-of-bounds read in the stack-overflow handler in lj_state.c (bsc#1246079)

Affected Systems

opensuse•lua51-luajit&distro=openSUSE Leap 15.6
< 2.1.0~beta2-150000.3.3.1

References (7)

https://www.suse.com/support/update/announcement/2025/suse-su-202502886-1/
https://bugzilla.suse.com/1246077
https://bugzilla.suse.com/1246078
https://bugzilla.suse.com/1246079
https://www.suse.com/security/cve/CVE-2024-25176
https://www.suse.com/security/cve/CVE-2024-25177
https://www.suse.com/security/cve/CVE-2024-25178