REDHAT-BUG-912276
First published: Mon Feb 18 2013(Updated: )
A denial of service flaw was found in the way Perl's rehashing code implementation (responsible for recalculation of hash keys and redistribution of hash content) used to react on certain user's input. If a Perl language based application accepted untrusted user input as hash keys, an attacker could use this flaw to cause the perl executable to consume excessive amount of memory (a denial of service via memory exhaustion). References: [1] <a href="http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html">http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Perl |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.nntp.perl.org/group/perl.perl5.porters/2013/03/msg199755.html
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698789&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698789&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698790&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698790&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698791&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698791&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698792&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698792&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698793&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698793&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698794&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=698794&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=705064&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=705064&action=edit
- http://perl5.git.perl.org/perl.git/commitdiff/6e79fe5
- http://perl5.git.perl.org/perl.git/commitdiff/9d83adc
- http://perl5.git.perl.org/perl.git/commitdiff/d59e31f
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=918008
- https://rhn.redhat.com/errata/RHSA-2013-0685.html
- https://bugzilla.redhat.com/show_bug.cgi?id=912276
- agent/last-modified-date
- agent/first-publish-date
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-1667
- agent/references
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/perl
- canonical/perl