Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 42 perl-Crypt-URandom Key Memory Overflow Resolution 2026-c1a2b3d4e5

fedora
Calendar Grey March 4, 2026
Dist Fedora Esm H88
Address heap buffer overflow in perl-Crypt-URandom on Fedora 42 with critical updates for enhanced security.
This release fixes CVE-2026-2474 (a heap buffer overflow) and handling failed read syscalls.

Summary

This Module is intended to provide an interface to the strongest available

source of non-blocking randomness on the current platform.

Update Information:

This release fixes CVE-2026-2474 (a heap buffer overflow) and handling failed read syscalls.

Topics%20covered

Topics Covered

security advisory fedora important threat mitigation heap buffer overflow perl-Crypt-URandom

Change Log

* Mon Feb 23 2026 Petr Pisar - 0.55-1 - 0.55 bump (CVE-2026-2474, bug #2440312)

References


[ 1 ] Bug #2440306 - CVE-2026-2474 crypt-urandom: Crypt::URandom for Perl is vulnerable to a heap buffer overflow in the XS function crypt_urandom_getrandom() https://bugzilla.redhat.com/show_bug.cgi?id=2440306

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b0bf6e9c9b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: perl-Crypt-URandom
Product: Fedora 42
Version: 0.55
Release: 1.fc42
URL: https://metacpan.org/release/Crypt-URandom
Summary: Non-blocking randomness for Perl

Topics%20covered

Topics Covered

security advisory fedora important threat mitigation heap buffer overflow perl-Crypt-URandom

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here