Bug 1646738 (CVE-2018-18313)
Summary: | CVE-2018-18313 perl: Heap-based buffer read overflow in S_grok_bslash_N() | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Laura Pardo <lpardo> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | abhgupta, ahardin, bleanhar, caillon+fedoraproject, ccoleman, dbaker, dedgar, dmoppert, eparis, hhorak, iarnell, jgoulding, jokerman, jorton, jplesnik, kasal, mbarnes, mchappel, mmaslano, perl-devel, perl-maint-list, ppisar, psabata, rhughes, sandmann, security-response-team, sthangav, tcallawa, trankin, ylavi |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | perl 5.26.3, perl 5.28.1 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-10 10:42:16 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1653525, 1653526, 1654921, 1654924, 1656293, 1660192, 1660195 | ||
Bug Blocks: | 1646752 |
Description
Laura Pardo
2018-11-05 22:47:38 UTC
Upstream ticket: https://rt.perl.org/Public/Bug/Display.html?id=133192 Downgrading severity based on: - significant control over a regex gives a number of vectors to deny service, if not evaluate code - information disclosure potential is through error messages, which should not be disclosed to attackers from secure systems Acknowledgments: Name: the Perl project Upstream: Eiichi Tsukata Created perl tracking bugs for this issue: Affects: fedora-all [bug 1654921] This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS Via RHSA-2019:0001 https://access.redhat.com/errata/RHSA-2019:0001 This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6 Via RHSA-2019:0010 https://access.redhat.com/errata/RHSA-2019:0010 openshift-enterprise-3: notaffected. I reviewed OpenShift containers for applications with dependencies on perl and was unable to identify any where the perl interpreter would be exposed to attacker-controlled regular expressions which could expose this flaw. There is a perl dependency in our MariaDB packaging, however the only non-test related perl usage is in a backup script (mysqlhotcopy) which is not exposed to attacker-controlled regular expressions. I have not filed trackers as these images will inherit the existing perl fixes next time they are respun. See also https://access.redhat.com/articles/2803031 |