CVE-2018-6913

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Perl versions prior to 5.26.2

Description The issue is related to a heap-based buffer overflow error in the pack function of the Perl interpreter. This error occurs when handling a large number of elements, leading to a potential overflow of dynamic memory. The exploitation of this issue could allow a remote attacker to execute arbitrary code.

Recommendations For versions prior to 5.26.2, update to version 5.26.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the pack function when handling large item counts until a patch is applied.

Fix

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

ALT-PU-2018-1668

BDU:2018-01503

CVE-2018-6913

DLA-1345-1

DSA-4172-1

MGASA-2018-0241

MGASA-2018-0247

OPENSUSE-SU-2024_1762-1

RHSA-2026:6206

SUSE-SU-2018:0976-1

SUSE-SU-2018:1074-1

SUSE-SU-2018:1972-1

SUSE-SU-2018:1972-2

SUSE-SU-2024:1630-1

SUSE-SU-2024:1762-1

SUSE-SU-2024:1762-2

USN-3625-1

USN-3625-2

Affected Products

Alt Linux

Perl

Suse

Ubuntu

CVE-2018-6913

Weakness Enumeration

Related Identifiers

Affected Products

References · 62