USN-6517-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-6517-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6517-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-6517-1

Related

Published

2023-11-27T14:15:35.297126Z

Modified

2023-11-27T14:15:35.297126Z

Summary

perl vulnerabilities

Details

It was discovered that Perl incorrectly handled printing certain warning messages. An attacker could possibly use this issue to cause Perl to consume resources, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-48522)

Nathan Mills discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-47038)

References

Affected packages

Ubuntu:20.04:LTS / perl

Package

Name: perl
Purl: pkg:deb/ubuntu/perl@5.30.0-9ubuntu0.5?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.30.0-9ubuntu0.5

Affected versions

5.*

5.28.1-6build1

5.30.0-7

5.30.0-9

5.30.0-9build1

5.30.0-9ubuntu0.2

5.30.0-9ubuntu0.3

5.30.0-9ubuntu0.4

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libperl-dev",
            "binary_version": "5.30.0-9ubuntu0.5"
        },
        {
            "binary_name": "libperl5.30",
            "binary_version": "5.30.0-9ubuntu0.5"
        },
        {
            "binary_name": "perl",
            "binary_version": "5.30.0-9ubuntu0.5"
        },
        {
            "binary_name": "perl-base",
            "binary_version": "5.30.0-9ubuntu0.5"
        },
        {
            "binary_name": "perl-debug",
            "binary_version": "5.30.0-9ubuntu0.5"
        },
        {
            "binary_name": "perl-doc",
            "binary_version": "5.30.0-9ubuntu0.5"
        },
        {
            "binary_name": "perl-modules-5.30",
            "binary_version": "5.30.0-9ubuntu0.5"
        }
    ]
}

Ubuntu:22.04:LTS / perl

Package

Name: perl
Purl: pkg:deb/ubuntu/perl@5.34.0-3ubuntu1.3?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.34.0-3ubuntu1.3

Affected versions

5.*

5.32.1-3ubuntu3

5.34.0-3ubuntu1

5.34.0-3ubuntu1.1

5.34.0-3ubuntu1.2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libperl-dev",
            "binary_version": "5.34.0-3ubuntu1.3"
        },
        {
            "binary_name": "libperl5.34",
            "binary_version": "5.34.0-3ubuntu1.3"
        },
        {
            "binary_name": "perl",
            "binary_version": "5.34.0-3ubuntu1.3"
        },
        {
            "binary_name": "perl-base",
            "binary_version": "5.34.0-3ubuntu1.3"
        },
        {
            "binary_name": "perl-debug",
            "binary_version": "5.34.0-3ubuntu1.3"
        },
        {
            "binary_name": "perl-doc",
            "binary_version": "5.34.0-3ubuntu1.3"
        },
        {
            "binary_name": "perl-modules-5.34",
            "binary_version": "5.34.0-3ubuntu1.3"
        }
    ]
}