Debian 11 perl Important Code Injection Weakness DLA-4538-1 CVE-2025-40909
debian lts
April 18, 2026
Vincent Lefèvre discovered that, in the Perl programming language, at thread creation the current directory may temporarily change in other threads, altering file accesses
Topics Covered
Summary
For Debian 11 bullseye, this problem has been fixed in version
5.32.1-4+deb11u5.
We recommend that you upgrade your perl packages.
For the detailed security status of perl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/perl
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Package: perl
Version: 5.32.1-4+deb11u5
CVE ID: CVE-2025-40909
Debian Bug: 1098226
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!