Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2023-47038: perl: Write past buffer end via illegal user-defined Unicode property (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Red Hat: CVE-2023-47038: perl: Write past buffer end via illegal user-defined Unicode property (Multiple Advisories)

Severity
6
CVSS
(AV:L/AC:H/Au:S/C:C/I:C/A:C)
Published
12/18/2023
Created
05/01/2024
Added
05/01/2024
Modified
05/23/2024

Description

A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.

Solution(s)

  • redhat-upgrade-perl
  • redhat-upgrade-perl-algorithm-diff
  • redhat-upgrade-perl-archive-tar
  • redhat-upgrade-perl-archive-zip
  • redhat-upgrade-perl-attribute-handlers
  • redhat-upgrade-perl-autodie
  • redhat-upgrade-perl-autoloader
  • redhat-upgrade-perl-autosplit
  • redhat-upgrade-perl-autouse
  • redhat-upgrade-perl-b
  • redhat-upgrade-perl-b-debuginfo
  • redhat-upgrade-perl-base
  • redhat-upgrade-perl-benchmark
  • redhat-upgrade-perl-bignum
  • redhat-upgrade-perl-blib
  • redhat-upgrade-perl-carp
  • redhat-upgrade-perl-class-struct
  • redhat-upgrade-perl-compress-bzip2
  • redhat-upgrade-perl-compress-bzip2-debuginfo
  • redhat-upgrade-perl-compress-bzip2-debugsource
  • redhat-upgrade-perl-compress-raw-bzip2
  • redhat-upgrade-perl-compress-raw-bzip2-debuginfo
  • redhat-upgrade-perl-compress-raw-bzip2-debugsource
  • redhat-upgrade-perl-compress-raw-lzma
  • redhat-upgrade-perl-compress-raw-lzma-debuginfo
  • redhat-upgrade-perl-compress-raw-lzma-debugsource
  • redhat-upgrade-perl-compress-raw-zlib
  • redhat-upgrade-perl-compress-raw-zlib-debuginfo
  • redhat-upgrade-perl-compress-raw-zlib-debugsource
  • redhat-upgrade-perl-config-extensions
  • redhat-upgrade-perl-config-perl-v
  • redhat-upgrade-perl-constant
  • redhat-upgrade-perl-cpan
  • redhat-upgrade-perl-cpan-distnameinfo
  • redhat-upgrade-perl-cpan-meta
  • redhat-upgrade-perl-cpan-meta-requirements
  • redhat-upgrade-perl-cpan-meta-yaml
  • redhat-upgrade-perl-data-dumper
  • redhat-upgrade-perl-data-dumper-debuginfo
  • redhat-upgrade-perl-data-dumper-debugsource
  • redhat-upgrade-perl-data-optlist
  • redhat-upgrade-perl-data-section
  • redhat-upgrade-perl-db_file
  • redhat-upgrade-perl-db_file-debuginfo
  • redhat-upgrade-perl-db_file-debugsource
  • redhat-upgrade-perl-dbm_filter
  • redhat-upgrade-perl-debugger
  • redhat-upgrade-perl-debuginfo
  • redhat-upgrade-perl-debugsource
  • redhat-upgrade-perl-deprecate
  • redhat-upgrade-perl-devel
  • redhat-upgrade-perl-devel-peek
  • redhat-upgrade-perl-devel-peek-debuginfo
  • redhat-upgrade-perl-devel-ppport
  • redhat-upgrade-perl-devel-ppport-debuginfo
  • redhat-upgrade-perl-devel-ppport-debugsource
  • redhat-upgrade-perl-devel-selfstubber
  • redhat-upgrade-perl-devel-size
  • redhat-upgrade-perl-devel-size-debuginfo
  • redhat-upgrade-perl-devel-size-debugsource
  • redhat-upgrade-perl-diagnostics
  • redhat-upgrade-perl-digest
  • redhat-upgrade-perl-digest-md5
  • redhat-upgrade-perl-digest-md5-debuginfo
  • redhat-upgrade-perl-digest-md5-debugsource
  • redhat-upgrade-perl-digest-sha
  • redhat-upgrade-perl-digest-sha-debuginfo
  • redhat-upgrade-perl-digest-sha-debugsource
  • redhat-upgrade-perl-dirhandle
  • redhat-upgrade-perl-doc
  • redhat-upgrade-perl-dumpvalue
  • redhat-upgrade-perl-dynaloader
  • redhat-upgrade-perl-dynaloader-debuginfo
  • redhat-upgrade-perl-encode
  • redhat-upgrade-perl-encode-debuginfo
  • redhat-upgrade-perl-encode-debugsource
  • redhat-upgrade-perl-encode-devel
  • redhat-upgrade-perl-encode-locale
  • redhat-upgrade-perl-encoding
  • redhat-upgrade-perl-encoding-warnings
  • redhat-upgrade-perl-english
  • redhat-upgrade-perl-env
  • redhat-upgrade-perl-errno
  • redhat-upgrade-perl-experimental
  • redhat-upgrade-perl-exporter
  • redhat-upgrade-perl-extutils-cbuilder
  • redhat-upgrade-perl-extutils-command
  • redhat-upgrade-perl-extutils-constant
  • redhat-upgrade-perl-extutils-embed
  • redhat-upgrade-perl-extutils-install
  • redhat-upgrade-perl-extutils-makemaker
  • redhat-upgrade-perl-extutils-manifest
  • redhat-upgrade-perl-extutils-miniperl
  • redhat-upgrade-perl-extutils-mm-utils
  • redhat-upgrade-perl-extutils-parsexs
  • redhat-upgrade-perl-fcntl
  • redhat-upgrade-perl-fcntl-debuginfo
  • redhat-upgrade-perl-fedora-vsp
  • redhat-upgrade-perl-fields
  • redhat-upgrade-perl-file-basename
  • redhat-upgrade-perl-file-compare
  • redhat-upgrade-perl-file-copy
  • redhat-upgrade-perl-file-dosglob
  • redhat-upgrade-perl-file-dosglob-debuginfo
  • redhat-upgrade-perl-file-fetch
  • redhat-upgrade-perl-file-find
  • redhat-upgrade-perl-file-homedir
  • redhat-upgrade-perl-file-path
  • redhat-upgrade-perl-file-stat
  • redhat-upgrade-perl-file-temp
  • redhat-upgrade-perl-file-which
  • redhat-upgrade-perl-filecache
  • redhat-upgrade-perl-filehandle
  • redhat-upgrade-perl-filetest
  • redhat-upgrade-perl-filter
  • redhat-upgrade-perl-filter-debuginfo
  • redhat-upgrade-perl-filter-debugsource
  • redhat-upgrade-perl-filter-simple
  • redhat-upgrade-perl-findbin
  • redhat-upgrade-perl-gdbm_file
  • redhat-upgrade-perl-gdbm_file-debuginfo
  • redhat-upgrade-perl-generators
  • redhat-upgrade-perl-getopt-long
  • redhat-upgrade-perl-getopt-std
  • redhat-upgrade-perl-hash-util
  • redhat-upgrade-perl-hash-util-debuginfo
  • redhat-upgrade-perl-hash-util-fieldhash
  • redhat-upgrade-perl-hash-util-fieldhash-debuginfo
  • redhat-upgrade-perl-homedir
  • redhat-upgrade-perl-http-tiny
  • redhat-upgrade-perl-i18n-collate
  • redhat-upgrade-perl-i18n-langinfo
  • redhat-upgrade-perl-i18n-langinfo-debuginfo
  • redhat-upgrade-perl-i18n-langtags
  • redhat-upgrade-perl-if
  • redhat-upgrade-perl-importer
  • redhat-upgrade-perl-inc-latest
  • redhat-upgrade-perl-interpreter
  • redhat-upgrade-perl-interpreter-debuginfo
  • redhat-upgrade-perl-io
  • redhat-upgrade-perl-io-compress
  • redhat-upgrade-perl-io-compress-lzma
  • redhat-upgrade-perl-io-debuginfo
  • redhat-upgrade-perl-io-socket-ip
  • redhat-upgrade-perl-io-zlib
  • redhat-upgrade-perl-ipc-cmd
  • redhat-upgrade-perl-ipc-open3
  • redhat-upgrade-perl-ipc-system-simple
  • redhat-upgrade-perl-ipc-sysv
  • redhat-upgrade-perl-ipc-sysv-debuginfo
  • redhat-upgrade-perl-ipc-sysv-debugsource
  • redhat-upgrade-perl-json-pp
  • redhat-upgrade-perl-less
  • redhat-upgrade-perl-lib
  • redhat-upgrade-perl-libnet
  • redhat-upgrade-perl-libnetcfg
  • redhat-upgrade-perl-libs
  • redhat-upgrade-perl-libs-debuginfo
  • redhat-upgrade-perl-local-lib
  • redhat-upgrade-perl-locale
  • redhat-upgrade-perl-locale-maketext
  • redhat-upgrade-perl-locale-maketext-simple
  • redhat-upgrade-perl-macros
  • redhat-upgrade-perl-math-bigint
  • redhat-upgrade-perl-math-bigint-fastcalc
  • redhat-upgrade-perl-math-bigint-fastcalc-debuginfo
  • redhat-upgrade-perl-math-bigint-fastcalc-debugsource
  • redhat-upgrade-perl-math-bigrat
  • redhat-upgrade-perl-math-complex
  • redhat-upgrade-perl-memoize
  • redhat-upgrade-perl-meta-notation
  • redhat-upgrade-perl-mime-base64
  • redhat-upgrade-perl-mime-base64-debuginfo
  • redhat-upgrade-perl-mime-base64-debugsource
  • redhat-upgrade-perl-module-build
  • redhat-upgrade-perl-module-corelist
  • redhat-upgrade-perl-module-corelist-tools
  • redhat-upgrade-perl-module-load
  • redhat-upgrade-perl-module-load-conditional
  • redhat-upgrade-perl-module-loaded
  • redhat-upgrade-perl-module-metadata
  • redhat-upgrade-perl-mro
  • redhat-upgrade-perl-mro-compat
  • redhat-upgrade-perl-mro-debuginfo
  • redhat-upgrade-perl-ndbm_file
  • redhat-upgrade-perl-ndbm_file-debuginfo
  • redhat-upgrade-perl-net
  • redhat-upgrade-perl-net-ping
  • redhat-upgrade-perl-next
  • redhat-upgrade-perl-object-hashbase
  • redhat-upgrade-perl-object-hashbase-tools
  • redhat-upgrade-perl-odbm_file
  • redhat-upgrade-perl-odbm_file-debuginfo
  • redhat-upgrade-perl-opcode
  • redhat-upgrade-perl-opcode-debuginfo
  • redhat-upgrade-perl-open
  • redhat-upgrade-perl-overload
  • redhat-upgrade-perl-overloading
  • redhat-upgrade-perl-package-generator
  • redhat-upgrade-perl-params-check
  • redhat-upgrade-perl-params-util
  • redhat-upgrade-perl-params-util-debuginfo
  • redhat-upgrade-perl-params-util-debugsource
  • redhat-upgrade-perl-parent
  • redhat-upgrade-perl-pathtools
  • redhat-upgrade-perl-pathtools-debuginfo
  • redhat-upgrade-perl-pathtools-debugsource
  • redhat-upgrade-perl-perl-ostype
  • redhat-upgrade-perl-perlfaq
  • redhat-upgrade-perl-perlio-via-quotedprint
  • redhat-upgrade-perl-ph
  • redhat-upgrade-perl-pod-checker
  • redhat-upgrade-perl-pod-escapes
  • redhat-upgrade-perl-pod-functions
  • redhat-upgrade-perl-pod-html
  • redhat-upgrade-perl-pod-parser
  • redhat-upgrade-perl-pod-perldoc
  • redhat-upgrade-perl-pod-simple
  • redhat-upgrade-perl-pod-usage
  • redhat-upgrade-perl-podlators
  • redhat-upgrade-perl-posix
  • redhat-upgrade-perl-posix-debuginfo
  • redhat-upgrade-perl-safe
  • redhat-upgrade-perl-scalar-list-utils
  • redhat-upgrade-perl-scalar-list-utils-debuginfo
  • redhat-upgrade-perl-scalar-list-utils-debugsource
  • redhat-upgrade-perl-search-dict
  • redhat-upgrade-perl-selectsaver
  • redhat-upgrade-perl-selfloader
  • redhat-upgrade-perl-sigtrap
  • redhat-upgrade-perl-socket
  • redhat-upgrade-perl-socket-debuginfo
  • redhat-upgrade-perl-socket-debugsource
  • redhat-upgrade-perl-software-license
  • redhat-upgrade-perl-sort
  • redhat-upgrade-perl-storable
  • redhat-upgrade-perl-storable-debuginfo
  • redhat-upgrade-perl-storable-debugsource
  • redhat-upgrade-perl-sub-exporter
  • redhat-upgrade-perl-sub-install
  • redhat-upgrade-perl-subs
  • redhat-upgrade-perl-symbol
  • redhat-upgrade-perl-sys-hostname
  • redhat-upgrade-perl-sys-hostname-debuginfo
  • redhat-upgrade-perl-sys-syslog
  • redhat-upgrade-perl-sys-syslog-debuginfo
  • redhat-upgrade-perl-sys-syslog-debugsource
  • redhat-upgrade-perl-term-ansicolor
  • redhat-upgrade-perl-term-cap
  • redhat-upgrade-perl-term-complete
  • redhat-upgrade-perl-term-readline
  • redhat-upgrade-perl-term-table
  • redhat-upgrade-perl-test
  • redhat-upgrade-perl-test-harness
  • redhat-upgrade-perl-test-simple
  • redhat-upgrade-perl-text-abbrev
  • redhat-upgrade-perl-text-balanced
  • redhat-upgrade-perl-text-diff
  • redhat-upgrade-perl-text-glob
  • redhat-upgrade-perl-text-parsewords
  • redhat-upgrade-perl-text-tabs-wrap
  • redhat-upgrade-perl-text-template
  • redhat-upgrade-perl-thread
  • redhat-upgrade-perl-thread-queue
  • redhat-upgrade-perl-thread-semaphore
  • redhat-upgrade-perl-threads
  • redhat-upgrade-perl-threads-debuginfo
  • redhat-upgrade-perl-threads-debugsource
  • redhat-upgrade-perl-threads-shared
  • redhat-upgrade-perl-threads-shared-debuginfo
  • redhat-upgrade-perl-threads-shared-debugsource
  • redhat-upgrade-perl-tie
  • redhat-upgrade-perl-tie-file
  • redhat-upgrade-perl-tie-memoize
  • redhat-upgrade-perl-tie-refhash
  • redhat-upgrade-perl-time
  • redhat-upgrade-perl-time-hires
  • redhat-upgrade-perl-time-hires-debuginfo
  • redhat-upgrade-perl-time-hires-debugsource
  • redhat-upgrade-perl-time-local
  • redhat-upgrade-perl-time-piece
  • redhat-upgrade-perl-time-piece-debuginfo
  • redhat-upgrade-perl-unicode-collate
  • redhat-upgrade-perl-unicode-collate-debuginfo
  • redhat-upgrade-perl-unicode-collate-debugsource
  • redhat-upgrade-perl-unicode-normalize
  • redhat-upgrade-perl-unicode-normalize-debuginfo
  • redhat-upgrade-perl-unicode-normalize-debugsource
  • redhat-upgrade-perl-unicode-ucd
  • redhat-upgrade-perl-uri
  • redhat-upgrade-perl-user-pwent
  • redhat-upgrade-perl-utils
  • redhat-upgrade-perl-vars
  • redhat-upgrade-perl-version
  • redhat-upgrade-perl-version-debuginfo
  • redhat-upgrade-perl-version-debugsource
  • redhat-upgrade-perl-vmsish

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;