I’ll go out on a limb and say it only affects orgs with OT/ICS…
=> More informations about this toot | More toots from cybeej@infosec.exchange
@cybeej
You'd be surprised. Or maybe you wouldn't. 😁
References for anyone playing along at home, details about that Perl CVE:
https://nvd.nist.gov/vuln/detail/CVE-2023-47100
https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3
"In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0."
So if someone can't patch (which doesn't seem far-fetched, if someone is still using Perl), eliminating that \p regular-expression operator is probably a reasonable workaround.
#CVE202347100 #CVE_2023_47100 #Perl
=> More informations about this toot | More toots from tychotithonus@infosec.exchange
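An audit helper for the workaround suggested in the toot above, added here as an example and not part of the thread or of Perl itself: it checks a version against the affected range quoted from NVD and lists literal `\p{...}` / `\P{...}` uses in Perl source. The function names and the sample inputs are constructed for illustration.

```python
import re

# Range quoted from the NVD description above: 5.30.0 <= version < 5.38.2.
FIRST_AFFECTED = (5, 30, 0)
FIRST_FIXED = (5, 38, 2)

# \p{...} or \P{...} whose backslash is not itself escaped.
UNIPROP = re.compile(r"(?<!\\)(?:\\\\)*\\[pP]\{([^}]*)\}")
VERSION = re.compile(r"v(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Extract (major, minor, patch) from `perl -v` style output."""
    m = VERSION.search(text)
    if m is None:
        raise ValueError("no vX.Y.Z version string found")
    return tuple(int(part) for part in m.groups())

def is_affected(version):
    return FIRST_AFFECTED <= version < FIRST_FIXED

def find_uniprops(source):
    """Return (line_number, property_name) for each literal \\p{...} use.

    Static scan only: patterns assembled at run time, for example from
    user input, never appear in the source and are not reported.
    """
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        if line.lstrip().startswith("#"):  # whole-line Perl comment
            continue
        for m in UNIPROP.finditer(line):
            hits.append((lineno, m.group(1)))
    return hits

# Constructed sample inputs, not taken from the thread.
SAMPLE_PERL_V = "This is perl 5, version 36, subversion 0 (v5.36.0) built for x86_64-linux"
SAMPLE_SOURCE = r'''
# match \p{Lu} in a comment
if ($name =~ /^\p{Lu}\p{Ll}+$/) { print "ok\n" }
my $re = qr/\P{IsDigit}/;
print "C:\\p{not a property}\n";
'''

if __name__ == "__main__":
    version = parse_version(SAMPLE_PERL_V)
    print(version, "affected" if is_affected(version) else "not affected")
    for lineno, prop in find_uniprops(SAMPLE_SOURCE):
        print(f"line {lineno}: \\p{{{prop}}}")
```

Any code path that compiles a pattern from outside input needs separate review, since the scan only sees literals.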
@tychotithonus What does "if someone can't patch (which doesn't seem far-fetched, if someone is still using Perl)" mean?
=> More informations about this toot | More toots from ology@fosstodon.org
@ology If you're not using Perl voluntarily, you might be working with a system that's hard to patch. (And I say that with love, as someone who still actively uses Perl!)
=> More informations about this toot | More toots from tychotithonus@infosec.exchange
@tychotithonus Aha. Thanks. I was a bit confused - not enough coffee in me yet! :D
=> More informations about this toot | More toots from ology@fosstodon.org