Vulnerabilities > CVE-2023-47038 - Out-of-bounds Write vulnerability in multiple products
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://access.redhat.com/errata/RHSA-2024:2228
- https://access.redhat.com/errata/RHSA-2024:2228
- https://access.redhat.com/errata/RHSA-2024:3128
- https://access.redhat.com/errata/RHSA-2024:3128
- https://access.redhat.com/security/cve/CVE-2023-47038
- https://access.redhat.com/security/cve/CVE-2023-47038
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746
- https://bugzilla.redhat.com/show_bug.cgi?id=2249523
- https://bugzilla.redhat.com/show_bug.cgi?id=2249523
- https://lists.fedoraproject.org/archives/list/[email protected]/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/
- https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property