Fedora 40: perl 2025-8445f115f6 critical: CVE-2024-56406 buffer overflow
fedora
April 30, 2025
Fix CVE-2024-56406
Summary
Perl is a high-level programming language with roots in C, sed, awk and shell
scripting. Perl is good at handling processes and files, and is especially
good at handling text. Perl's hallmarks are practicality and efficiency.
While it is used to do a lot of different things, Perl's most common
applications are system administration utilities and web programming.
This is a metapackage with all the Perl bits and core modules that can be
found in the upstream tarball from perl.org.
If you need only a specific feature, you can install a specific package
instead. E.g. to handle Perl scripts with /usr/bin/perl interpreter,
install perl-interpreter package. See perl-interpreter description for more
details on the Perl decomposition into packages.
Update Information:
Fix CVE-2024-56406
Topics Covered
Change Log
* Mon Apr 14 2025 Jitka Plesnikova
References
[ 1 ] Bug #2359474 - CVE-2024-56406 perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2359474
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8445f115f6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: perl
Product: Fedora 40
Version: 5.38.4
Release: 508.fc40
Summary: Practical Extraction and Report Language
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!