CPANSA-perl-2024-56406: perl vulnerability

Publisher	giterlizzi	Document category	csaf_security_advisory
Initial release date	2025-04-13T00:00:00	Engine	CSAF Perl Toolkit 0.25
Current release date	2025-04-13T00:00:00	Build Date
Current version	1	Status	final
CVSS v3.1 Base Score	8.6	Severity
Original language		Language	en
Also referred to

Vulnerability Description

A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. Â Â $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Â Â Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

Vulnerabilities

CVE-2024-56406

Vulnerability Description

A heap buffer overflow vulnerability was discovered in Perl.

Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.

When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.

$ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'
Segmentation fault (core dumped)

It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

Weakness	CWE-122 : Heap-based Buffer Overflow

Product status

Known affected

Product

Score

perl greater than 0 and less than 5.38.4

CVSS Version	CVSS Vector	CVSS Base Score	CVSS Base Severity
3.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H	8.6	High

perl greater than or equal 5.40.0 and less than 5.40.2

CVSS Version	CVSS Vector	CVSS Base Score	CVSS Base Severity
3.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H	8.6	High

Fixed

perl greater than or equal 5.40.1
perl greater than or equal 5.38.4 and less than 5.40.0

giterlizzi

Namespace: https://github.com/giterlizzi/

gdt@cpan.org

References

CPANSA-perl-2024-56406 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2025/cpansa-perl-2024-56406.json
https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch external
https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch
https://metacpan.org/release/SHAY/perl-5.38.4/changes external
https://metacpan.org/release/SHAY/perl-5.38.4/changes
https://metacpan.org/release/SHAY/perl-5.40.2/changes external
https://metacpan.org/release/SHAY/perl-5.40.2/changes
http://www.openwall.com/lists/oss-security/2025/04/13/3 external
http://www.openwall.com/lists/oss-security/2025/04/13/3
http://www.openwall.com/lists/oss-security/2025/04/13/4 external
http://www.openwall.com/lists/oss-security/2025/04/13/4
CVE-2024-56406 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2024-56406

Revision history

Version	Date of the revision	Summary of the revision
1	Sun Apr 13 00:00:00 2025	First release

Sharing rules

TLP:WHITE
For the TLP version see: https://www.first.org/tlp/