CPANSA-perl-2024-56406: perl vulnerability

Publisher giterlizzi Document category csaf_security_advisory
Initial release date 2025-04-13T00:00:00 Engine CSAF Perl Toolkit 0.25
Current release date 2025-04-13T00:00:00 Build Date
Current version 1 Status final
CVSS v3.1 Base Score 8.6 Severity
Original language Language en
Also referred to

Vulnerability Description

A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

Vulnerabilities

CVE-2024-56406

Vulnerability Description

A heap buffer overflow vulnerability was discovered in Perl.

Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.

When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.

   $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'
   Segmentation fault (core dumped)

It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

Weakness CWE-122 : Heap-based Buffer Overflow

Product status

Known affected
Product Score
perl greater than 0 and less than 5.38.4
CVSS Version CVSS Vector CVSS Base Score CVSS Base Severity
3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 8.6 High
perl greater than or equal 5.40.0 and less than 5.40.2
CVSS Version CVSS Vector CVSS Base Score CVSS Base Severity
3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 8.6 High
Fixed

giterlizzi

Namespace: https://github.com/giterlizzi/

gdt@cpan.org

References

Revision history

Version Date of the revision Summary of the revision
1 Sun Apr 13 00:00:00 2025 First release

Sharing rules

TLP:WHITE
For the TLP version see: https://www.first.org/tlp/