RHSA-2025:17163: Moderate: perl-JSON-XS security update
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C.Security Fix(es): JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON (CVE-2025-40928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2025:17163?
The severity of RHSA-2025:17163 is classified as moderate.
How do I fix RHSA-2025:17163?
To fix RHSA-2025:17163, update the Perl JSON-XS module to the latest patched version.
What is the vulnerability in RHSA-2025:17163?
RHSA-2025:17163 addresses an integer buffer overflow in the JSON-XS module that can cause a segmentation fault when parsing crafted JSON.
Which software is affected by RHSA-2025:17163?
The affected software for RHSA-2025:17163 is Perl JSON-XS.
What are the potential impacts of RHSA-2025:17163?
The potential impacts of RHSA-2025:17163 include application crashes due to segmentation faults when handling malicious JSON input.