Perl CVE-2018-6913 Heap Buffer Overflow Vulnerability

Bugtraq ID:	103953
Class:	Boundary Condition Error
CVE:	CVE-2018-6913
Remote:	Yes
Local:	No
Published:	Apr 14 2018 12:00AM
Updated:	Jan 17 2019 09:00AM
Credit:	The vendor reported this issue.
Vulnerable:	Redhat Enterprise Linux 6 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Redhat Enterprise Linux 5 Perl Perl 5.28 Oracle Solaris 11.4
Not Vulnerable:

Perl CVE-2018-6913 Heap Buffer Overflow Vulnerability

Perl is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.

Attackers can exploit this issue to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.

Perl CVE-2018-6913 Heap Buffer Overflow Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Perl CVE-2018-6913 Heap Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Perl CVE-2018-6913 Heap Buffer Overflow Vulnerability

References:

• Perl Homepage (Perl)
  
• Bug 1547772 - (CVE-2018-6913) CVE-2018-6913 perl: heap buffer overflow in pp_pa (Redhat)
  
• CVE-2018-6913 (Redhat)