CVE-2024-56406

CVE-2024-56406

Name

CVE-2024-56406

Description

A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
patch	https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch
release-notes	https://metacpan.org/release/SHAY/perl-5.38.4/changes
release-notes	https://metacpan.org/release/SHAY/perl-5.40.2/changes
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/04/13/3
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/04/13/4
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/04/13/5

Type

URI

patch

https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch

release-notes

https://metacpan.org/release/SHAY/perl-5.38.4/changes

release-notes

https://metacpan.org/release/SHAY/perl-5.40.2/changes

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/04/13/3

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/04/13/4

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/04/13/5

Match rules

CPE URI	Source package	Min version	Max version
	perl	>= 5.41.0	<= 5.41.10
	perl	>= 5.39.0	< 5.40.2-RC1
	perl	>= 5.33.1	< 5.38.4-RC1
`cpe:2.3:a:perl:perl::::::::`	perl	>= 5.33.1	< 5.38.4
`cpe:2.3:a:perl:perl::::::::`	perl	>= 5.39.0	< 5.40.2

CPE URI

Source package

Min version

Max version

perl

>= 5.41.0

<= 5.41.10

perl

>= 5.39.0

< 5.40.2-RC1

perl

>= 5.33.1

< 5.38.4-RC1

cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*

perl

>= 5.33.1

< 5.38.4

cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*

perl

>= 5.39.0

< 5.40.2

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
perl	edge-main	5.40.1-r1	Celeste <cielesti@protonmail.com>	fixed
perl	3.18-main	5.36.2-r1	Natanael Copa <ncopa@alpinelinux.org>	fixed
perl	3.21-main	5.40.1-r1	Celeste <cielesti@protonmail.com>	fixed
perl	3.20-main	5.38.3-r1	Natanael Copa <ncopa@alpinelinux.org>	fixed
perl	3.19-main	5.38.3-r1	Natanael Copa <ncopa@alpinelinux.org>	fixed
perl	edge-main	5.40.0-r3	Celeste <cielesti@protonmail.com>	possibly vulnerable
perl	edge-main	5.40.1-r0	Celeste <cielesti@protonmail.com>	possibly vulnerable
perl	edge-main	5.40.2-r0	Celeste <cielesti@protonmail.com>	fixed

Source package

Branch

Version

Maintainer

Status

perl

edge-main

5.40.1-r1

Celeste <cielesti@protonmail.com>

fixed

perl

3.18-main