CVE-2024-56406

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-56406
A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

8.6 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch
https://metacpan.org/release/SHAY/perl-5.38.4/changes
https://metacpan.org/release/SHAY/perl-5.40.2/changes
http://www.openwall.com/lists/oss-security/2025/04/13/3
http://www.openwall.com/lists/oss-security/2025/04/13/4
http://www.openwall.com/lists/oss-security/2025/04/13/5
Configurations

No configuration.

History

18 Apr 2025, 17:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.6

15 Apr 2025, 18:39

Type Values Removed Values Added
Summary
  • (es) Se descubrió una vulnerabilidad de desbordamiento del búfer de montón en Perl. Las versiones 5.34, 5.36, 5.38 y 5.40 se ven afectadas, incluyendo las versiones de desarrollo de la 5.33.1 a la 5.41.10. Cuando hay bytes no ASCII en el lado izquierdo del operador `tr`, `S_do_trans_invmap` puede desbordar el puntero de destino `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Fallo de segmentación (volcado de núcleo). Se cree que esta vulnerabilidad puede permitir ataques de denegación de servicio y, posiblemente, de ejecución de código en plataformas que carecen de defensas suficientes.

13 Apr 2025, 22:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2025/04/13/5 -

13 Apr 2025, 20:15

Type Values Removed Values Added
Summary (en) A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses. (en) A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

13 Apr 2025, 17:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2025/04/13/3 -
  • () http://www.openwall.com/lists/oss-security/2025/04/13/4 -

13 Apr 2025, 14:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-13 14:15

Updated : 2025-04-18 17:15

NVD link : CVE-2024-56406

Mitre link : CVE-2024-56406

CVE.ORG link : CVE-2024-56406

JSON object : View

Products Affected

No product.

CWE
CWE-122

Heap-based Buffer Overflow

CWE-787

Out-of-bounds Write