perl: Multiple vulnerabilities (CVE-2018-6797, CVE-2018-6798, CVE-2018-6913)
CVE-2018-6797: heap write overflow in regcomp.c
A flaw was found in Perl 5. A heap write overflow in regcomp.c file
might be exploited when a perl program allows user input
of patterns. A crafted regular expression can cause the heap buffer
overflow, with control over the bytes written.
Fixed In Version:
perl 5.26.2, perl 5.24.4
References:
https://rt.perl.org/Public/Bug/Display.html?id=132227
https://security-tracker.debian.org/tracker/CVE-2018-6797
Patches:
https://perl5.git.perl.org/perl.git/commitdiff/abe1e6c568b96bcb382dfa4f61c56d1ab001ea51
(5.26)
https://perl5.git.perl.org/perl.git/commitdiff/510cc261d965ccfa427900ebb368fc4d337442d2
(5.24)
CVE-2018-6798: heap read overflow in regexec.c
A flaw was found in Perl 5. A heap read overflow in regexec.c file may
allow an attacker to cause a segmentation
fault which might lead to a Denial of Service (DoS) or, possibly, heap
memory disclosure.
Fixed In Version:
perl 5.26.2, perl 5.24.4
References:
https://rt.perl.org/Public/Bug/Display.html?id=132063
https://security-tracker.debian.org/tracker/CVE-2018-6798
Patches:
https://perl5.git.perl.org/perl.git/commitdiff/8e6f44c90c7fa1f63c19a44c45482b09a407e15b
(5.26)
https://perl5.git.perl.org/perl.git/commitdiff/8b80ce67ff257aaa36e47eaf4194d27a51595524
(5.26)
https://perl5.git.perl.org/perl.git/commitdiff/0abf1e8d89aecd32dbdabda5da4d52a2d57a7cff
(5.24)
https://perl5.git.perl.org/perl.git/commitdiff/f65da1ca2eee74696d9c120e9d69af37b4fa1920
(5.24)
CVE-2018-6913: heap buffer overflow in pp_pack.c
A flaw was found in Perl 5. Vulnerable code in pp_pack.c file accepts
either large blocks of data from untrusted sources
and/or duplicates such blocks, which allows an attacker to exploit this
vulnerability at runtime by supplying malicious
crafted data. This could result in a denial-of-service (DoS) attack.
Fixed In Version:
perl 5.26.2, perl 5.24.4
References:
https://rt.perl.org/Public/Bug/Display.html?id=131844
https://security-tracker.debian.org/tracker/CVE-2018-6913
Patches:
https://perl5.git.perl.org/perl.git/commitdiff/0fcf83230df5f8c52602ae22fde57c7ea885534d
(5.26)
https://perl5.git.perl.org/perl.git/commitdiff/a9d5c6e11891b48be06d4e06eeed18642bc98527
5.24)
(from redmine: issue id 8800, created on 2018-04-17, closed on 2018-07-30)
- Relations:
- copied_to #8801 (closed)
- copied_to #8802 (closed)
- copied_to #8803 (closed)
- copied_to #8804 (closed)
- copied_to #8805 (closed)
- child #8801 (closed)
- child #8802 (closed)
- child #8803 (closed)
- child #8804 (closed)
- child #8805 (closed)