Описание
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| perl | fixed | 5.36.0-4 | package | |
| perl | not-affected | bullseye | package | |
| perl | not-affected | buster | package |
Примечания
Might be related to https://bugs.launchpad.net/ubuntu/+source/perl/+bug/2032667
which is just a infinite recursion exhausting the stack, with negligible security
impact.
https://github.com/Perl/perl5/issues/19147
Fixed by: https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6 (v5.35.5)
Связанные уязвимости
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
Уязвимость функции S_find_uninit_var (sv.c) интерпретатора Perl, позволяющая нарушителю выполнить произвольный код