{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-56406","assignerOrgId":"9b29abf9-4ab0-4765-b253-1875cd9b441e","state":"PUBLISHED","assignerShortName":"CPANSec","dateReserved":"2024-12-23T02:07:38.152Z","datePublished":"2025-04-13T13:16:09.841Z","dateUpdated":"2025-10-16T14:04:20.393Z"},"containers":{"cna":{"affected":[{"collectionURL":"https://cpan.org/modules","defaultStatus":"unaffected","packageName":"perl","product":"perl","programFiles":["op.c"],"programRoutines":[{"name":"S_pmtrans"},{"name":"tr"}],"repo":"https://github.com/Perl/perl5/","vendor":"perl","versions":[{"lessThanOrEqual":"5.41.10","status":"affected","version":"5.41.0","versionType":"custom"},{"lessThan":"5.40.2-RC1","status":"affected","version":"5.39.0","versionType":"custom"},{"lessThan":"5.38.4-RC1","status":"affected","version":"5.33.1","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","value":"Nathan Mills"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A heap buffer overflow vulnerability was discovered in Perl. <br><br>Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.<br><br>When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.<br><br><tt>&nbsp; &nbsp;$ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' <br>&nbsp; &nbsp;Segmentation fault (core dumped)</tt><br><br>It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.<br><br>"}],"value":"A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-122","description":"CWE-122 Heap-based Buffer Overflow","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-787","description":"CWE-787 Out-of-bounds Write","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9b29abf9-4ab0-4765-b253-1875cd9b441e","shortName":"CPANSec","dateUpdated":"2025-04-13T19:29:56.569Z"},"references":[{"tags":["patch"],"url":"https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch"},{"tags":["release-notes"],"url":"https://metacpan.org/release/SHAY/perl-5.38.4/changes"},{"tags":["release-notes"],"url":"https://metacpan.org/release/SHAY/perl-5.40.2/changes"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Users should update perl to 5.40.2 or 5.38.4, or apply the upstream patch provided in the References section.<br><br>"}],"value":"Users should update perl to 5.40.2 or 5.38.4, or apply the upstream patch provided in the References section."}],"source":{"discovery":"UNKNOWN"},"title":"Perl is vulnerable to a heap buffer overflow when transliterating non-ASCII bytes","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"http://www.openwall.com/lists/oss-security/2025/04/13/3"},{"url":"http://www.openwall.com/lists/oss-security/2025/04/13/4"},{"url":"http://www.openwall.com/lists/oss-security/2025/04/13/5"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-04-13T22:02:35.643Z"}},{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":8.4,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-10-16T14:04:16.993103Z","id":"CVE-2024-56406","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-16T14:04:20.393Z"}}]}}