Bug 2255476 (CVE-2023-47100) - CVE-2023-47100 perl: Perl security bypass
Summary: CVE-2023-47100 perl: Perl security bypass
Keywords:
Status: CLOSED DUPLICATE of bug 2249523
Alias: CVE-2023-47100
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2251625 2251622 2251624 2255477 2255478 2255479
Blocks: 2255480
TreeView+ depends on / blocked
 
Reported: 2023-12-21 04:51 UTC by Avinash Hanwate
Modified: 2024-01-03 05:00 UTC (History)
3 users (show)

Fixed In Version: perl 5.38.2
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Perl due to improper handling of the property name by the S_parse_uniprop_string function in regcomp.c. This issue could allow an attacker to to bypass security restrictions and use a specially crafted regular expression input to write to unallocated space.
Clone Of:
Environment:
Last Closed: 2024-01-02 05:52:27 UTC
Embargoed:

Attachments (Terms of Use)

Description Avinash Hanwate 2023-12-21 04:51:40 UTC 
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010
https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6
https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3
Comment 1 Avinash Hanwate 2023-12-21 05:00:01 UTC 
Created perl tracking bugs for this issue:

Affects: fedora-all [bug 2255477]


Created perl:5.34/perl tracking bugs for this issue:

Affects: fedora-all [bug 2255478]


Created perl:5.36/perl tracking bugs for this issue:

Affects: fedora-all [bug 2255479]
Comment 5 Michal Josef Spacek 2023-12-21 11:41:14 UTC 
This is the duplicate of CVE-2023-47038
Comment 6 Sandipan Roy 2024-01-02 05:52:27 UTC 

*** This bug has been marked as a duplicate of bug 2249523 ***
Note You need to log in before you can comment on or make changes to this bug.