Date: Fri, 19 Aug 2011 15:49:41 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: heap overflow in perl while decoding Unicode string

I'm going to assign this CVE-2011-2939.

It looks like a single byte overflow. It's probably not exploitable (even as a DoS), but to play it safe, I'm assigning this ID.

Thanks.

--
JB

----- Original Message -----
> Does anyone know more about this flaw? It's in perl and the Encode
> module:
>
> http://cpansearch.perl.org/src/DANKOGAI/Encode-2.44/Changes
>
> ! Unicode/Unicode.xs
> Addressed the following:
> Date: Fri, 22 Jul 2011 13:58:43 +0200
> From: Robert Zacek <zacek@...st.com>
> To: perl5-security-report@...l.org
> Subject: Unicode.xs!decode_xs n-byte heap-overflow
>
> It's been fixed in perl:
>
> http://perl5.git.perl.org/perl.git/commitdiff/e46d973584785af1f445c4dedbee4243419cb860#patch5
>
> Seems to be in all versions of perl since 5.10.0.
>
> There isn't really information on the impact of this though. I don't
> know enough to determine whether this is something that can cause
> arbitrary code execution, whether some gcc/glibc hardening prevents or
> minimizes the impact, whether it's a crash-only, etc. It has been asked
> on the perl5-porters list, but no response was given:
>
> http://permalink.gmane.org/gmane.comp.lang.perl.perl5.porters/98004
>
> Does anyone know anything more about this flaw? Could a CVE be assigned
> to it as well?
>
> Thanks.
>
> --
> Vincent Danen / Red Hat Security Response Team