
fedora
March 11, 2026
Update for Fedora 42 addresses a heap-based buffer overflow in perl-Crypt-SysRandom-XS for enhanced system security.

Summary

This module uses whatever C interface is available to procure cryptographically random data from the system.

Update Information:

0.011 - Update data pointer on resize for rdrand; Clean up string length handling
0.010 - Disallow requesting strings with negative lengths CVE-2026-2597; Try arc4random in stdlib.h first; Correct value of PROTOTYPES keyword in XS
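
The 0.010 entry fixes CVE-2026-2597 by rejecting negative lengths. The following is an added example, not the module's XS source (which this advisory does not show): it illustrates in plain C why a negative signed length is dangerous once it is converted to size_t, next to a guard that rejects it. All function names, MAX_REQUEST and the use of Linux getrandom(2) are assumptions made for the example.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/random.h>   /* getrandom(2): Linux-specific, assumed for this example */

/* All names are hypothetical; this is not the module's XS source. */
#define MAX_REQUEST (1L << 20)   /* constructed upper bound */

/* A signed length used directly as a byte count: -1 becomes SIZE_MAX. */
size_t unchecked_fill_count(long requested) { return (size_t)requested; }

/* "length + 1 for the NUL" computed without a check: -1 wraps to 0. */
size_t unchecked_alloc_size(long requested) { return (size_t)requested + 1; }

/* Fill dst with n bytes from the kernel, retrying on short reads and EINTR. */
static int fill_from_system(unsigned char *dst, size_t n) {
    size_t done = 0;
    while (done < n) {
        ssize_t got = getrandom(dst + done, n - done, 0);
        if (got < 0) {
            if (errno == EINTR) continue;
            return -1;
        }
        done += (size_t)got;
    }
    return 0;
}

/* Hardened request: reject negative or oversized lengths before any
   conversion to size_t, so allocation and fill always agree on n. */
unsigned char *checked_random_bytes(long requested, size_t *out_len) {
    if (requested < 0 || requested > MAX_REQUEST) return NULL;
    size_t n = (size_t)requested;
    unsigned char *buf = malloc(n + 1);
    if (buf == NULL) return NULL;
    if (fill_from_system(buf, n) != 0) { free(buf); return NULL; }
    buf[n] = '\0';
    *out_len = n;
    return buf;
}

int main(void) {
    size_t n = 0;
    printf("unchecked -1: alloc=%zu fill=%zu\n",
           unchecked_alloc_size(-1), unchecked_fill_count(-1));
    unsigned char *b = checked_random_bytes(16, &n);
    printf("checked 16: %s, checked -1: %s\n", b ? "ok" : "failed",
           checked_random_bytes(-1, &n) ? "accepted" : "rejected");
    free(b);
    return 0;
}
```

In the unchecked arithmetic the allocation size and the fill count disagree (0 bytes allocated, SIZE_MAX bytes to write), which is the general shape of a heap overflow driven by a negative length.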

Change Log

* Mon Mar 2 2026 Jitka Plesnikova - 0.011-1 - 0.011 bump (rhbz#2440318)

References


[1] Bug #2443384 - CVE-2026-2597 perl-Crypt-SysRandom-XS: heap-based buffer overflow in the XS function random_bytes() [fedora-all]
    https://bugzilla.redhat.com/show_bug.cgi?id=2443384

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c0123ede74' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important

Name: perl-Crypt-SysRandom-XS
Product: Fedora 42
Version: 0.011
Release: 1.fc42
Summary: Perl interface to system randomness, XS version
