FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

perl -- multiple vulnerabilities

Affected packages
5.24.0 <= perl5 < 5.24.4
5.26.0 <= perl5 < 5.26.2

Details

VuXML ID 41c96ffd-29a6-4dcc-9a88-65f5038fa6eb
Discovery 2018-04-14
Entry 2018-04-15

perldelta:

CVE-2018-6797: heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)

A crafted regular expression could cause a heap buffer write overflow, with control over the bytes written. [perl #132227]

CVE-2018-6798: Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)

Matching a crafted locale dependent regular expression could cause a heap buffer read overflow and potentially information disclosure. [perl #132063]

CVE-2018-6913: heap-buffer-overflow in S_pack_rec

pack() could cause a heap buffer write overflow with a large item count. [perl #131844]

References

CVE Name CVE-2018-6797
CVE Name CVE-2018-6798
CVE Name CVE-2018-6913
URL https://metacpan.org/changes/release/SHAY/perl-5.24.4
URL https://metacpan.org/changes/release/SHAY/perl-5.26.2