FS#68703 : [lua51] CVE-2014-5461
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.
This is patched in Debian and Gentoo. Seems to be unpatched in openSUSE Tumbleweed.
Here is the link: https://nvd.nist.gov/vuln/detail/CVE-2014-5461
diff --git a/src/ldo.c b/src/ldo.c
index d1bf786..d43f611 100644
--- a/src/ldo.c
+++ b/src/ldo.c
@@ -217,7 +217,7 @@ static StkId adjust_varargs (lua_State *L, Proto *p, int actual) {
int nvar = actual - nfixargs; /* number of extra arguments */
lua_assert(p->is_vararg & VARARG_HASARG);
luaC_checkGC(L);
- luaD_checkstack(L, p->maxstacksize);
+ luaD_checkstack(L, p->maxstacksize + p->numparams);
htab = luaH_new(L, nvar, 1); /* create `arg' table */
for (i=0; i<nvar; i++) /* put extra arguments into `arg' table */
setobj2n(L, luaH_setnum(L, htab, i+1), L->top - nvar + i);
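Review bot: The changed luaD_checkstack call in adjust_varargs carries no comment explaining why p->numparams is added on top of p->maxstacksize, so the reason for the larger reservation could be lost in a later cleanup. Suggest a short comment on that line saying what the additional p->numparams slots are reserved for. The context line above already computes nvar from nfixargs; if that local holds the same value as p->numparams (its definition is outside the visible context), using it here would keep the two lines visibly consistent. The patch also has no regression test. A case that calls a vararg function declaring many fixed parameters with only a few arguments, the condition named in the CVE description, would guard against the check being narrowed again.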