List:       oss-security
Subject:    Re: [oss-security] CVE request: heap overflow in perl while
From:       Josh Bressers <bressers () redhat ! com>
Date:       2011-08-19 19:49:41
Message-ID: 1579872259.144003.1313783381867.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com

I'm going to assign this CVE-2011-2939. It looks like a single byte
overflow. It's probably not exploitable (even as a DoS), but to play it
safe, I'm assigning this ID.

Thanks.

-- 
    JB

----- Original Message -----
> Does anyone know more about this flaw? It's in perl and the Encode
> module:
> 
> http://cpansearch.perl.org/src/DANKOGAI/Encode-2.44/Changes
> 
> ! Unicode/Unicode.xs
> Addressed the following:
> Date: Fri, 22 Jul 2011 13:58:43 +0200
> From: Robert Zacek <zacek@avast.com>
> To: perl5-security-report@perl.org
> Subject: Unicode.xs!decode_xs n-byte heap-overflow
> 
> It's been fixed in perl:
> 
> http://perl5.git.perl.org/perl.git/commitdiff/e46d973584785af1f445c4dedbee4243419cb860#patch5
> 
> Seems to be in all versions of perl since 5.10.0.
> 
> There isn't really information on the impact of this though. I don't
> know enough to determine whether this is something that can cause
> arbitrary code execution, whether some gcc/glibc hardening prevents or
> minimizes the impact, whether it's a crash-only, etc. It has been asked
> on the perl5-porters list, but no response was given:
> 
> http://permalink.gmane.org/gmane.comp.lang.perl.perl5.porters/98004
> 
> Does anyone know anything more about this flaw? Could a CVE be assigned
> to it as well?
> 
> Thanks.
> 
> --
> Vincent Danen / Red Hat Security Response Team