CPANSA-perl-2026-8376: perl vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2026-05-26T00:00:00 | Engine | CSAF Perl Toolkit 0.26 |
| Current release date | 2026-05-26T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | 9.8 | Severity | |
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a large minimum count, the byte length mincount * l could overflow SSize_t, producing an undersized SvGROW allocation; the subsequent copy writes past the end of the buffer. A caller that compiles an attacker-controlled regular expression on a 32-bit perl build triggers a heap buffer overflow at compile time.
Vulnerabilities
CVE-2026-8376
Vulnerability DescriptionPerl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds.
Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a large minimum count, the byte length mincount * l could overflow SSize_t, producing an undersized SvGROW allocation; the subsequent copy writes past the end of the buffer.
A caller that compiles an attacker-controlled regular expression on a 32-bit perl build triggers a heap buffer overflow at compile time.
| Weakness | CWE-680 : Integer Overflow to Buffer Overflow |
|---|
Product status
Known affected
| Product | Score | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| perl less than 5.43.10 |
|
Fixed
- perl greater than or equal 5.43.11
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-perl-2026-8376 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2026/cpansa-perl-2026-8376.json - https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch external
https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch - http://www.openwall.com/lists/oss-security/2026/05/26/1 external
http://www.openwall.com/lists/oss-security/2026/05/26/1 - CVE-2026-8376 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2026-8376
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Tue May 26 00:00:00 2026 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/