Bug#628817: perl NULL pointer dereference

Thijs Kinkhorst thijs at debian.org
Wed Jun 1 15:52:17 UTC 2011

Package: perl
Severity: serious
Tags: security


the following CVE (Common Vulnerabilities & Exposures) id was
published for perl.

| Perl 5.10.x allows context-dependent attackers to cause a denial of
| service (NULL pointer dereference and application crash) by leveraging
| an ability to inject arguments into a (1) getpeername, (2) readdir,
| (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir
| function call.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0761

More information about the Perl-maintainers mailing list