CPANSA-Encode-2021-01: Encode vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2021-07-17T00:00:00 | Engine | CSAF Perl Toolkit 0.26 |
| Current release date | 2021-07-17T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | 7.8 | Severity | |
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value.
Vulnerabilities
CVE-2021-36770
Vulnerability DescriptionEncode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value.
| Weakness | CWE-427 : Uncontrolled Search Path Element |
|---|
Product status
Known affected
| Product | Score | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Encode greater than or equal 3.05 and less than or equal 3.11 |
|
Fixed
- Encode greater than 3.11
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Encode-2021-01 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2021/cpansa-encode-2021-01.json - https://github.com/Perl/perl5/commit/c1a937fef07c061600a0078f4cb53fe9c2136bb9 external
https://github.com/Perl/perl5/commit/c1a937fef07c061600a0078f4cb53fe9c2136bb9 - https://github.com/dankogai/p5-encode/commit/527e482dc70b035d0df4f8c77a00d81f8d775c74 external
https://github.com/dankogai/p5-encode/commit/527e482dc70b035d0df4f8c77a00d81f8d775c74 - https://metacpan.org/dist/Encode/changes external
https://metacpan.org/dist/Encode/changes - https://news.cpanel.com/unscheduled-tsr-10-august-2021/ external
https://news.cpanel.com/unscheduled-tsr-10-august-2021/ - https://security.netapp.com/advisory/ntap-20210909-0003/ external
https://security.netapp.com/advisory/ntap-20210909-0003/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5NDGQSGMEZ75FJGBKNYC75OTO7TF7XHB/ external
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5NDGQSGMEZ75FJGBKNYC75OTO7TF7XHB/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6KOZYD7BH2DNIAEZ2ZL4PJ4QUVQI6Y33/ external
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6KOZYD7BH2DNIAEZ2ZL4PJ4QUVQI6Y33/ - https://security-tracker.debian.org/tracker/CVE-2021-36770 external
https://security-tracker.debian.org/tracker/CVE-2021-36770 - CVE-2021-36770 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2021-36770
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Sat Jul 17 00:00:00 2021 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/