Home / mailings [USN-8262-1] Lua vulnerability
Posted on 08 May 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8262-1
May 08, 2026
lua5.1 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Lua could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- lua5.1: Lua is an embeddable scripting language
Details:
It was discovered that the Lua parser incorrectly handled garbage collection
when processing specially crafted Lua scripts. A remote attacker could possibly
use this issue to cause a denial of service or execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
liblua5.1-0 5.1.5-8ubuntu1+esm1
Available with Ubuntu Pro
lua5.1 5.1.5-8ubuntu1+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8262-1
CVE-2025-49844
--===============8874991003955345573==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
