RHSA-2025:17162: Moderate: perl-JSON-XS security update
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C.Security Fix(es): JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON (CVE-2025-40928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2025:17162?
The severity of RHSA-2025:17162 is classified as moderate.
How do I fix RHSA-2025:17162?
To fix RHSA-2025:17162, update the JSON-XS module to the latest version that contains the security patch.
What systems are affected by RHSA-2025:17162?
RHSA-2025:17162 affects systems using the JSON-XS module that handle Perl data structures.
What vulnerability does RHSA-2025:17162 address?
RHSA-2025:17162 addresses an integer buffer overflow that can cause a segmentation fault when parsing crafted JSON.
Is there a workaround for RHSA-2025:17162?
There are no recommended workarounds for RHSA-2025:17162; applying the patch is the best course of action.