ghsa-p6jf-pv8c-623c
Vulnerability from github
Published
2025-04-13 15:30
Modified
2025-10-16 15:30
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Details

A heap buffer overflow vulnerability was discovered in Perl.

When there are non-ASCII bytes in the left-hand-side of the tr operator, S_do_trans_invmap can overflow the destination pointer d.

$ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped)

It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-56406"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-122",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-13T14:15:14Z",
    "severity": "HIGH"
  },
  "details": "A heap buffer overflow vulnerability was discovered in Perl. \n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n\u00a0 \u00a0$ perl -e \u0027$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;\u0027 \n\u00a0 \u00a0Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.",
  "id": "GHSA-p6jf-pv8c-623c",
  "modified": "2025-10-16T15:30:26Z",
  "published": "2025-04-13T15:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56406"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/SHAY/perl-5.38.4/changes"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/SHAY/perl-5.40.2/changes"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/04/13/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/04/13/4"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/04/13/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.