oss-security - Re: CVE request:Perl bug #48156

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-ID: <87skxbghs6.fsf@mid.deneb.enyo.de>
Date: Thu, 24 Apr 2008 21:43:53 +0200
From: Florian Weimer <fw@...eb.enyo.de>
To: "Steven M. Christey" <coley@...us.mitre.org>
Cc: Jonathan Smith <smithj@...ethemallocs.com>,  oss-security@...ts.openwall.com
Subject: Re: CVE request:Perl bug #48156

* Steven M. Christey:

> removing vendor-sec just in case, since oss-security is archived.
>
> ======================================================
> Name: CVE-2008-1927
> Status: Candidate
> URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927
> Reference: MISC:http://rt.perl.org/rt3/Public/Bug/Display.html?id=48156
> Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454792
>
> Double free vulnerability in Perl 5.8.8 allows context-dependent
> attackers to cause a denial of service (memory corruption and crash)
> via a crafted regular expression containing UTF8 characters.  NOTE:
> this issue might only be present on certain operating systems.

Oops, I think this is a heap overflow, not a double-free vulnerability.
The GNU libc error message which is triggered by the heap corruption can
be a bit misleading.

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.