{
  "threat_severity" : "Moderate",
  "public_date" : "2020-06-02T00:00:00Z",
  "bugzilla" : {
    "description" : "perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS",
    "id" : "1838000",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1838000"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-20->CWE-185",
  "details" : [ "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls." ],
  "statement" : "A vulnerability in the Perl regular expression compiler affects Red Hat Enterprise Linux 7 and 8. The flaw exists in the S_study_chunk() function's handling of GOSUB opcodes during regular expression compilation. When processing untrusted regular expressions, recursive calls to S_study_chunk() can corrupt the intermediate language state, allowing an attacker to inject malicious instructions into the compiled regular expression. This network-accessible vulnerability can lead to denial of service. To mitigate, applications should not allow compilation of untrusted regular expressions. Note that this issue affects regular expression compilation, not pattern matching against untrusted input.",
  "acknowledgement" : "Red Hat would like to thank Sergey Aleynikov for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2021-02-02T00:00:00Z",
    "advisory" : "RHSA-2021:0343",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "perl-4:5.16.3-299.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support",
    "release_date" : "2021-04-20T00:00:00Z",
    "advisory" : "RHSA-2021:1266",
    "cpe" : "cpe:/o:redhat:rhel_aus:7.4",
    "package" : "perl-4:5.16.3-292.el7_4.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support",
    "release_date" : "2021-04-20T00:00:00Z",
    "advisory" : "RHSA-2021:1266",
    "cpe" : "cpe:/o:redhat:rhel_tus:7.4",
    "package" : "perl-4:5.16.3-292.el7_4.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions",
    "release_date" : "2021-04-20T00:00:00Z",
    "advisory" : "RHSA-2021:1266",
    "cpe" : "cpe:/o:redhat:rhel_e4s:7.4",
    "package" : "perl-4:5.16.3-292.el7_4.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.6 Extended Update Support",
    "release_date" : "2021-03-16T00:00:00Z",
    "advisory" : "RHSA-2021:0883",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.6",
    "package" : "perl-4:5.16.3-294.el7_6.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.7 Extended Update Support",
    "release_date" : "2021-03-30T00:00:00Z",
    "advisory" : "RHSA-2021:1032",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.7",
    "package" : "perl-4:5.16.3-294.el7_7.1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-02-16T00:00:00Z",
    "advisory" : "RHSA-2021:0557",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "perl-4:5.26.3-417.el8_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-02-16T00:00:00Z",
    "advisory" : "RHSA-2021:0557",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "perl-4:5.26.3-417.el8_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Extended Update Support",
    "release_date" : "2021-06-02T00:00:00Z",
    "advisory" : "RHSA-2021:2184",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.2",
    "package" : "perl-4:5.26.3-417.el8_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Out of support scope",
    "package_name" : "perl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "perl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "perl:5.24/perl",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-12723\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-12723" ],
  "name" : "CVE-2020-12723",
  "mitigation" : {
    "value" : "To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
    "lang" : "en:us"
  },
  "csaw" : false
}