CVE-2017-12883

Description

Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape.

CVSS Metrics

• v3.0•CRITICAL•Score: 9.1CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
• v2.0•MEDIUM•Score: 6.4AV:N/AC:L/Au:N/C:P/I:N/A:P

EPSS Trends

Current EPSS score: 4.71%• Percentile: 90%

Techniques & Countermeasures

• CWE-119•Improper Restriction of Operations within the Bounds of a Memory Buffer

  The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Affected Systems

• perl•perl

  ≤ 5.24.2 | 5.26.0

References (10)

• http://www.debian.org/security/2017/dsa-3982
• http://www.securityfocus.com/bid/100852
• https://www.oracle.com/security-alerts/cpujul2020.html
• https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1
• https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1
• https://security.netapp.com/advisory/ntap-20180426-0001/
• http://mirror.cucumberlinux.com/cucumber/cucumber-1.0/source/lang-base/perl/patches/CVE-2017-12883.patch
• https://bugzilla.redhat.com/show_bug.cgi?id=1492093
• https://rt.perl.org/Public/Bug/Display.html?id=131598
• https://perl5.git.perl.org/perl.git/commitdiff/2be4edede4ae226e2eebd4eff28cedd2041f300f#patch1