lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24371
Reference (s):
- https://github.com/lua/lua/commit/a6da1472c0c5e05ff249325f979531ad51533110
- https://www.lua.org/bugs.html#5.4.0-10