Skip to main content
Skip table of contents

ISN 2025-15: Perl Vulnerability

First published 23 June 2025

CVSS 3.1: 8.6 (High)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Summary

A security vulnerability has been found in Perl, a scripting language used in IGEL OS. This affects the following product versions:

  • IGEL OS 12

  • IGEL OS 11

Details

A heap buffer overflow vulnerability was discovered in how Perl handles non-ASCII bytes in the left-hand-side of the ‘tr’ operator. This can crash the process and potentially enable code execution. It is tracked as CVE-2024-56406 and rated as high.

Update Instructions

  • OS 12: Update to IGEL OS 12.8.0 when available (planned for August).

  • OS 11: : Update to IGEL OS 11.11.100 when available (planned for August).

References

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close