CVE-2017-20230
Perl · Storable
The Storable module for Perl contains a stack overflow vulnerability in the retrieve_hook function due to inconsistent handling of class name length between signed and unsigned integers.
Executive summary
A critical stack overflow vulnerability in the Perl Storable module before version 3.05 could allow attackers to execute arbitrary code via malformed data.
Vulnerability
The vulnerability exists in the retrieve_hook function, which incorrectly handles class name lengths by mixing signed and unsigned integer operations, triggering a stack overflow during read operations.
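The signed/unsigned length mismatch described above, as a simplified C illustration added here; it is not Storable's source code. The 4-byte big-endian length prefix, the 255-byte limit and the function names are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 255   /* assumed limit for this sketch */

/* Flawed pattern: the length is viewed as signed, so a wire value with the
 * top bit set turns negative (on two's-complement targets) and passes an
 * upper-bound-only check. A later copy that treats it as size_t is huge. */
static int flawed_check_accepts(uint32_t wire_len)
{
    int32_t len = (int32_t)wire_len;
    return len <= NAME_MAX_LEN;        /* no lower bound: negatives pass */
}

/* Hardened pattern: keep the length unsigned end to end and bound it by the
 * limit, the destination size and the bytes actually left in the input.
 * Returns the name length, or -1 if the record is rejected. */
static int read_class_name(const uint8_t *in, size_t in_len,
                           char *out, size_t out_size)
{
    uint32_t len;
    if (in_len < 4 || out_size == 0)
        return -1;
    len = ((uint32_t)in[0] << 24) | ((uint32_t)in[1] << 16) |
          ((uint32_t)in[2] << 8)  |  (uint32_t)in[3];
    if (len > NAME_MAX_LEN || len >= out_size || len > in_len - 4)
        return -1;
    memcpy(out, in + 4, len);
    out[len] = '\0';
    return (int)len;
}

int main(void)
{
    /* Constructed input: length prefix 0xFFFFFFF0 followed by 3 bytes. */
    const uint8_t bad[] = { 0xFF, 0xFF, 0xFF, 0xF0, 'F', 'o', 'o' };
    char name[NAME_MAX_LEN + 1];
    printf("flawed check accepts: %d\n", flawed_check_accepts(0xFFFFFFF0u));
    printf("hardened reader returns: %d\n",
           read_class_name(bad, sizeof bad, name, sizeof name));
    return 0;
}
```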
Business impact
A stack overflow in a core Perl module can result in application crashes, denial of service, or potentially remote code execution. With a CVSS score of 10.0, this represents an extremely high risk, as it may allow an attacker to gain control over the underlying host system, leading to full compromise of the application environment.
Remediation
Immediate Action: Upgrade the Storable module to version 3.05 or higher to resolve the integer handling inconsistency.
Proactive Monitoring: Monitor application logs for unexpected termination or segmentation faults that may indicate memory corruption attempts.
Compensating Controls: Utilize memory protection features provided by the operating system (e.g., ASLR, DEP/NX) to hinder successful exploitation of stack-based overflows.
Exploitation status
Public Exploit Available: None
Analyst recommendation
This vulnerability carries a maximum severity rating and requires immediate attention for any systems utilizing the Perl Storable module. Ensure that dependencies are updated to the patched version as soon as possible to prevent potential remote exploitation.