PT-2026-43159 · Perl+2 · Perl+2

Timothy Legge

·

Published

2026-04-24

·

Updated

2026-07-02

·

CVE-2026-8376

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Perl versions prior to 5.43.11
Description A heap buffer overflow occurs on 32-bit builds when compiling regular expressions containing a repeated fixed string. The issue resides in the Perl study chunk() function within regcomp study.c, which validates the size of the joined substring buffer using characters instead of bytes. When a quantified fixed substring has a large minimum count, the byte length calculation mincount * l can overflow SSize t, resulting in an undersized SvGROW allocation. This causes subsequent copy operations to write past the end of the buffer. An attacker can trigger this condition by providing a specially crafted regular expression for compilation.
Recommendations Update to version 5.43.11 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07638
CLSA-2026-1780391238
CVE-2026-8376
ECHO-E5E9-738B-90E8
OESA-2026-2658
USN-8467-1
USN-8467-2

Affected Products

Linuxmint
Perl
Ubuntu