CVE-2022-48522

CVSS v2.0

Critical

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Perl version 5.34.0

Description The issue is related to the S find uninit var function in the sv.c file of the Perl interpreter, which is associated with a buffer overflow. This can allow a remote attacker to execute arbitrary code or lead to local privilege escalation.

Recommendations For Perl version 5.34.0, consider disabling the S find uninit var function as a temporary workaround until a patch is available. Restrict access to the sv.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

LPE

RCE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2025-4598

BDU:2023-08372

CVE-2022-48522

OESA-2023-1563

OESA-2023-1564

OESA-2023-1565

USN-6517-1

Affected Products

Alt Linux

Linuxmint

Perl

Ubuntu

CVE-2022-48522

Weakness Enumeration

Related Identifiers

Affected Products

References · 24