PT-2024-9603 · Unknown+1 · Posix::2008+1

Published

2024-12-09

Updated

2024-12-14

CVE-2024-55564

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions POSIX::2008 versions prior to 0.24

Description The issue is related to a potential buffer overflow in the execve50c() function of the POSIX::2008 package for Perl. This could allow a remote attacker to execute arbitrary code or cause a denial of service. The vulnerability is associated with the execve50c() function, which is part of the POSIX.1-2008 standard library on Perl.

Recommendations For versions prior to 0.24, update to version 0.24 or later to resolve the issue. As a temporary workaround, consider restricting the use of the execve50c() function until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

BDU:2024-11313

CVE-2024-55564

Affected Products

Debian

Posix::2008

PT-2024-9603 · Unknown+1 · Posix::2008+1

CVE-2024-55564

Weakness Enumeration

Related Identifiers

Affected Products

References · 19