Internet Bug Bounty: read outside of buffer (heap buffer overflow) in S_regmatch - regexec.c:6057

Reported to the Perl security mailing list on 20 August 2016, reported fixed by khw on 30 August 2016. ==14086==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61900000a4aa at pc 0x000000b9988f bp 0x7fff325d9630 sp 0x7fff325d9628 READ of size 1 at 0x61900000a4aa thread T0 0 0xb9988e in...

Gentoo Security Advisory GLSA 201507-11

Gentoo Linux Local Security Checks GLSA 201507-11 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Perl: Denial of service

Background Perl is a highly capable, feature-rich programming language. Description Sregmatch function lacks proper checks before passing arguments to atoi Impact A remote attacker could send a specially crafted input, possibly resulting in a Denial of Service condition. Workaround There is no...