{"id":"CVE-2024-56406","details":"A heap buffer overflow vulnerability was discovered in Perl. \n\nRelease branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.\n\nWhen there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.\n\n   $ perl -e '$_ = \"\\x{FF}\" x 1000000; tr/\\xFF/\\x{100}/;' \n   Segmentation fault (core dumped)\n\nIt is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.","modified":"2026-03-11T07:53:00.734523191Z","published":"2025-04-13T14:15:14.527Z","related":["ALSA-2025:7500","MGASA-2025-0274","SUSE-SU-2025:20334-1","SUSE-SU-2025:20532-1","openSUSE-SU-2025:15003-1"],"references":[{"type":"ADVISORY","url":"https://metacpan.org/release/SHAY/perl-5.38.4/changes"},{"type":"ADVISORY","url":"https://metacpan.org/release/SHAY/perl-5.40.2/changes"},{"type":"FIX","url":"https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2025/04/13/3"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2025/04/13/4"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2025/04/13/5"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/perl/perl5","events":[{"introduced":"0"},{"fixed":"87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd"},{"introduced":"aec03eb052e5786cf01d615cc5eb8e3d528c0fcd"},{"fixed":"2e0f6a60c12ff9b5fd18e5a18d350b4366ea12b7"},{"introduced":"b69b5077393db9b8ffa440eba15b27073cbac617"},{"fixed":"546f65a086129e4158cff53a40c724d6952f3ed6"}]}],"versions":["v5.33.1","v5.33.2","v5.33.3","v5.33.4","v5.33.5","v5.33.6","v5.33.7","v5.33.8","v5.33.9","v5.34.0","v5.34.0-RC1","v5.34.0-RC2","v5.35.0","v5.35.1","v5.35.10","v5.35.11","v5.35.2","v5.35.3","v5.35.4","v5.35.5","v5.35.6","v5.35.7","v5.35.8","v5.35.9","v5.36.0","v5.36.0-RC1","v5.36.0-RC3","v5.37.0","v5.37.1","v5.37.10","v5.37.11","v5.37.2","v5.37.3","v5.37.4","v5.37.5","v5.37.6","v5.37.7","v5.37.8","v5.37.9","v5.38.0","v5.38.0-RC1","v5.38.0-RC2","v5.38.1","v5.38.2","v5.38.3","v5.38.3-RC1","v5.38.4-RC1","v5.39.0","v5.39.1","v5.39.10","v5.39.2","v5.39.3","v5.39.4","v5.39.5","v5.39.6","v5.39.7","v5.39.8","v5.39.9","v5.40.0","v5.40.0-RC1","v5.40.0-RC2","v5.40.1","v5.40.1-RC1","v5.40.2-RC1","v5.41.0","v5.41.1","v5.41.10","v5.41.2","v5.41.3","v5.41.4","v5.41.5","v5.41.6","v5.41.7","v5.41.8","v5.41.9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56406.json","vanir_signatures":[{"source":"https://github.com/perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd","id":"CVE-2024-56406-17f9d390","digest":{"length":13728,"function_hash":"103498168550110636723907425407205223783"},"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"file":"op.c","function":"S_pmtrans"}},{"signature_type":"Line","id":"CVE-2024-56406-eaa69e21","digest":{"threshold":0.9,"line_hashes":["189586818232990660262111173185107192330","321624929067096723080303988807375853448","308843707930518695019406321178223426241","156431593218724535804723157254102277155"]},"deprecated":false,"source":"https://github.com/perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd","signature_version":"v1","target":{"file":"op.c"}}]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}