Описание
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Отчет
This flaw is an integer overflow triggered when an application compiles a specially crafted, untrusted regular expression pattern supplied by a user, as most applications match untrusted data against a trusted regex pattern.The flaw leads to a corruption of the intermediate language state. While this could theoretically allow an attacker to insert instructions, the resulting behavior is unpredictable, and any potential code execution is likely outside of an attacker's reliable control. Therefore, the most probable and practical impact is an application crash, resulting in a Denial of Service (DoS).
Меры по смягчению последствий
To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | perl | Out of support scope | ||
| Red Hat Enterprise Linux 6 | perl | Out of support scope | ||
| Red Hat Enterprise Linux 8 | perl:5.24/perl | Will not fix | ||
| Red Hat Enterprise Linux 7 | perl | Fixed | RHSA-2021:0343 | 02.02.2021 |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | perl | Fixed | RHSA-2021:1266 | 20.04.2021 |
| Red Hat Enterprise Linux 7.4 Telco Extended Update Support | perl | Fixed | RHSA-2021:1266 | 20.04.2021 |
| Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | perl | Fixed | RHSA-2021:1266 | 20.04.2021 |
| Red Hat Enterprise Linux 7.6 Extended Update Support | perl | Fixed | RHSA-2021:0883 | 16.03.2021 |
| Red Hat Enterprise Linux 7.7 Extended Update Support | perl | Fixed | RHSA-2021:1032 | 30.03.2021 |
| Red Hat Enterprise Linux 8 | perl | Fixed | RHSA-2021:1678 | 18.05.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
8.6 High
CVSS3
Связанные уязвимости
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. An application written in Perl would only be vulnerable to this flaw if it evaluates regular expressions supplied by the attacker. Evaluating regular expressions in this fashion is known to be dangerous since the regular expression engine does not protect against denial of service attacks in this usage scenario.]
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Perl before 5.30.3 has an integer overflow related to mishandling of a ...
Уязвимость параметра PL_regkind[OP(n)] == NOTHING интерпретатора языка программирования Perl, позволяющая нарушителю выполнить произвольный код
EPSS
8.6 High
CVSS3