REDHAT-BUG-2393878: Buffer Overflow
Published Sep 8, 2025
JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact.
Affected Software
1 affected component
Perl JSON::XS < 4.04
Event History
Sep 8, 2025
Data Sourced
via Red Hat·04:01 PM
Frequently Asked Questions
1. What is the severity of REDHAT-BUG-2393878?
The severity of REDHAT-BUG-2393878 is classified as critical due to the potential for denial-of-service attacks.
2. How do I fix REDHAT-BUG-2393878?
To fix REDHAT-BUG-2393878, upgrade Perl JSON::XS to version 4.04 or later.
3. What causes the vulnerability in REDHAT-BUG-2393878?
The vulnerability in REDHAT-BUG-2393878 is caused by an integer buffer overflow when parsing crafted JSON.
4. What are the potential impacts of REDHAT-BUG-2393878?
The potential impacts of REDHAT-BUG-2393878 include application crashes, resulting in a denial-of-service situation.
5. Which versions of Perl JSON::XS are affected by REDHAT-BUG-2393878?
Versions of Perl JSON::XS prior to 4.04 are affected by REDHAT-BUG-2393878.