Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 41: FEDORA-2025-f142899732 critical: perl directory race condition

fedora
Calendar Grey July 13, 2025
Dist Fedora Esm H88
Resolution for CVE-2025-40910 mitigates synchronization issues in Python path management on Fedora 42, bolstering overall system integrity.
Fixes CVE-2025-40909 - Clone dirhandles without fchdir

Summary

Perl is a high-level programming language with roots in C, sed, awk and shell

scripting. Perl is good at handling processes and files, and is especially

good at handling text. Perl's hallmarks are practicality and efficiency.

While it is used to do a lot of different things, Perl's most common

applications are system administration utilities and web programming.

This is a metapackage with all the Perl bits and core modules that can be

found in the upstream tarball from perl.org.

If you need only a specific feature, you can install a specific package

instead. E.g. to handle Perl scripts with /usr/bin/perl interpreter,

install perl-interpreter package. See perl-interpreter description for more

details on the Perl decomposition into packages.

Update Information:

Fixes CVE-2025-40909 - Clone dirhandles without fchdir

Topics%20covered

Topics Covered

security advisory fedora critical race condition perl directory

Change Log

* Wed Jul 9 2025 Jitka Plesnikova - 4:5.40.2-516 - Fixes: CVE-2025-40909 - Clone dirhandles without fchdir

References


[ 1 ] Bug #2369463 - CVE-2025-40909 perl: Perl threads have a working directory race condition where file operations may target unintended paths [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2369463

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f142899732' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: perl
Product: Fedora 41
Version: 5.40.2
Release: 516.fc41
URL: https://www.perl.org/
Summary: Practical Extraction and Report Language

Topics%20covered

Topics Covered

security advisory fedora critical race condition perl directory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here