ALPINE-CVE-2024-56406
- Source
- https://security.alpinelinux.org/vuln/CVE-2024-56406
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2024-56406.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALPINE-CVE-2024-56406
- Upstream
- Published
- 2025-04-13T14:15:14Z
- Modified
- 2025-09-30T05:28:54.579017Z
- Summary
- [none]
- Details
-
A heap buffer overflow vulnerability was discovered in Perl.
Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10.
When there are non-ASCII bytes in the left-hand-side of the
troperator,S_do_trans_invmapcan overflow the destination pointerd.$ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped)
It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.
- References
Affected packages
Alpine:v3.18 / perl
Package
- Name
- perl
- Purl
- pkg:apk/alpine/perl?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.36.2-r1
Affected versions
5.*
5.10.0-r0
5.10.0-r1
5.10.1-r0
5.10.1-r1
5.10.1-r2
5.12.1-r0
5.12.2-r0
5.12.2-r1
5.12.3-r0
5.14.0-r0
5.14.1-r0
5.14.2-r0
5.14.2-r1
5.16.0-r0
5.16.1-r0
5.16.2-r0
5.16.3-r0
5.18.0-r0
5.18.1-r0
5.18.2-r0
5.20.0-r0
5.20.1-r0
5.20.2-r0
5.20.2-r1
5.22.0-r0
5.22.1-r0
5.22.2-r0
5.24.0-r0
5.24.0-r1
5.24.0-r2
5.24.1-r0
5.24.1-r1
5.24.1-r2
5.26.0-r0
5.26.1-r0
5.26.1-r1
5.26.2-r0
5.26.2-r1
5.26.3-r0
5.28.1-r0
5.28.2-r0
5.28.2-r1
5.30.0-r0
5.30.0-r1
5.30.0-r2
5.30.1-r0
5.30.2-r0
5.30.3-r0
5.30.3-r1
5.30.3-r2
5.32.0-r0
5.32.1-r0
5.34.0-r0
5.34.0-r1
5.34.1-r0
5.36.0-r0
5.36.0-r1
5.36.0-r2
5.36.0-r3
5.36.1-r0
5.36.1-r1
5.36.1-r2
5.36.2-r0
Alpine:v3.19 / perl
Package
- Name
- perl
- Purl
- pkg:apk/alpine/perl?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.38.3-r1
Affected versions
5.*
5.10.0-r0
5.10.0-r1
5.10.1-r0
5.10.1-r1
5.10.1-r2
5.12.1-r0
5.12.2-r0
5.12.2-r1
5.12.3-r0
5.14.0-r0
5.14.1-r0
5.14.2-r0
5.14.2-r1
5.16.0-r0
5.16.1-r0
5.16.2-r0
5.16.3-r0
5.18.0-r0
5.18.1-r0
5.18.2-r0
5.20.0-r0
5.20.1-r0
5.20.2-r0
5.20.2-r1
5.22.0-r0
5.22.1-r0
5.22.2-r0
5.24.0-r0
5.24.0-r1
5.24.0-r2
5.24.1-r0
5.24.1-r1
5.24.1-r2
5.26.0-r0
5.26.1-r0
5.26.1-r1
5.26.2-r0
5.26.2-r1
5.26.3-r0
5.28.1-r0
5.28.2-r0
5.28.2-r1
5.30.0-r0
5.30.0-r1
5.30.0-r2
5.30.1-r0
5.30.2-r0
5.30.3-r0
5.30.3-r1
5.30.3-r2
5.32.0-r0
5.32.1-r0
5.34.0-r0
5.34.0-r1
5.34.1-r0
5.36.0-r0
5.36.0-r1
5.36.0-r2
5.36.0-r3
5.36.1-r0
5.36.1-r1
5.36.1-r2
5.36.1-r3
5.38.0-r0
5.38.1-r0
5.38.2-r0
5.38.3-r0
Alpine:v3.20 / perl
Package
- Name
- perl
- Purl
- pkg:apk/alpine/perl?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.38.3-r1
Affected versions
5.*
5.10.0-r0
5.10.0-r1
5.10.1-r0
5.10.1-r1
5.10.1-r2
5.12.1-r0
5.12.2-r0
5.12.2-r1
5.12.3-r0
5.14.0-r0
5.14.1-r0
5.14.2-r0
5.14.2-r1
5.16.0-r0
5.16.1-r0
5.16.2-r0
5.16.3-r0
5.18.0-r0
5.18.1-r0
5.18.2-r0
5.20.0-r0
5.20.1-r0
5.20.2-r0
5.20.2-r1
5.22.0-r0
5.22.1-r0
5.22.2-r0
5.24.0-r0
5.24.0-r1
5.24.0-r2
5.24.1-r0
5.24.1-r1
5.24.1-r2
5.26.0-r0
5.26.1-r0
5.26.1-r1
5.26.2-r0
5.26.2-r1
5.26.3-r0
5.28.1-r0
5.28.2-r0
5.28.2-r1
5.30.0-r0
5.30.0-r1
5.30.0-r2
5.30.1-r0
5.30.2-r0
5.30.3-r0
5.30.3-r1
5.30.3-r2
5.32.0-r0
5.32.1-r0
5.34.0-r0
5.34.0-r1
5.34.1-r0
5.36.0-r0
5.36.0-r1
5.36.0-r2
5.36.0-r3
5.36.1-r0
5.36.1-r1
5.36.1-r2
5.36.1-r3
5.38.0-r0
5.38.1-r0
5.38.2-r0
5.38.3-r0
Alpine:v3.21 / perl
Package
- Name
- perl
- Purl
- pkg:apk/alpine/perl?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.40.1-r1
Affected versions
5.*
5.10.0-r0
5.10.0-r1
5.10.1-r0
5.10.1-r1
5.10.1-r2
5.12.1-r0
5.12.2-r0
5.12.2-r1
5.12.3-r0
5.14.0-r0
5.14.1-r0
5.14.2-r0
5.14.2-r1
5.16.0-r0
5.16.1-r0
5.16.2-r0
5.16.3-r0
5.18.0-r0
5.18.1-r0
5.18.2-r0
5.20.0-r0
5.20.1-r0
5.20.2-r0
5.20.2-r1
5.22.0-r0
5.22.1-r0
5.22.2-r0
5.24.0-r0
5.24.0-r1
5.24.0-r2
5.24.1-r0
5.24.1-r1
5.24.1-r2
5.26.0-r0
5.26.1-r0
5.26.1-r1
5.26.2-r0
5.26.2-r1
5.26.3-r0
5.28.1-r0
5.28.2-r0
5.28.2-r1
5.30.0-r0
5.30.0-r1
5.30.0-r2
5.30.1-r0
5.30.2-r0
5.30.3-r0
5.30.3-r1
5.30.3-r2
5.32.0-r0
5.32.1-r0
5.34.0-r0
5.34.0-r1
5.34.1-r0
5.36.0-r0
5.36.0-r1
5.36.0-r2
5.36.0-r3
5.36.1-r0
5.36.1-r1
5.36.1-r2
5.36.1-r3
5.38.0-r0
5.38.1-r0
5.38.2-r0
5.40.0-r0
5.40.0-r1
5.40.0-r2
5.40.0-r3
5.40.1-r0
Alpine:v3.22 / perl
Package
- Name
- perl
- Purl
- pkg:apk/alpine/perl?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.40.1-r1
Affected versions
5.*
5.10.0-r0
5.10.0-r1
5.10.1-r0
5.10.1-r1
5.10.1-r2
5.12.1-r0
5.12.2-r0
5.12.2-r1
5.12.3-r0
5.14.0-r0
5.14.1-r0
5.14.2-r0
5.14.2-r1
5.16.0-r0
5.16.1-r0
5.16.2-r0
5.16.3-r0
5.18.0-r0
5.18.1-r0
5.18.2-r0
5.20.0-r0
5.20.1-r0
5.20.2-r0
5.20.2-r1
5.22.0-r0
5.22.1-r0
5.22.2-r0
5.24.0-r0
5.24.0-r1
5.24.0-r2
5.24.1-r0
5.24.1-r1
5.24.1-r2
5.26.0-r0
5.26.1-r0
5.26.1-r1
5.26.2-r0
5.26.2-r1
5.26.3-r0
5.28.1-r0
5.28.2-r0
5.28.2-r1
5.30.0-r0
5.30.0-r1
5.30.0-r2
5.30.1-r0
5.30.2-r0
5.30.3-r0
5.30.3-r1
5.30.3-r2
5.32.0-r0
5.32.1-r0
5.34.0-r0
5.34.0-r1
5.34.1-r0
5.36.0-r0
5.36.0-r1
5.36.0-r2
5.36.0-r3
5.36.1-r0
5.36.1-r1
5.36.1-r2
5.36.1-r3
5.38.0-r0
5.38.1-r0
5.38.2-r0
5.40.0-r0
5.40.0-r1
5.40.0-r2
5.40.0-r3
5.40.1-r0