A double-free flaw was found in the way Digest::SHA module, Perl extension for the SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 algorithms, performed loading of a Digest::SHA object representing the intermediate SHA state from a file. If a Perl application, using Digest::SHA module, allowed an attacker to load custom Digest::SHA objects from a file via the Digest::SHA module, a local attacker could use this flaw to cause that application crash or, potentially, execute arbitrary code with the privileges of the user running that application. Upstream bug report: [1] https://rt.cpan.org/Public/Bug/Display.html?id=82655 Upstream Digest-SHA-5.80 vs Digest-SHA-5.81 diff: [2] https://metacpan.org/diff/release/MSHELOR/Digest-SHA-5.80/MSHELOR/Digest-SHA-5.81 References: [3] http://www.openwall.com/lists/oss-security/2013/01/15/5
This issue did NOT affect the version of the perl package, as shipped with Red Hat Enterprise Linux 5. -- This issue affects the version of the perl package,as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the perl package, as shipped with Fedora release of 16 and 17. Please schedule an update.
Created perl tracking bugs for this issue Affects: fedora-all [bug 895543]
Public reproducer information (from upstream bug [1]): ------------------------------------------------------ $ perl -MDigest::SHA -e 'my $d = Digest::SHA->new(256); $d->load("x");'
Based on http://www.openwall.com/lists/oss-security/2013/01/16/1 this issue would not be considered to be a security flaw. Closing as such (and will re-open if more details become available later).