develooper Front page | perl.perl5.porters | Postings from March 2021

Re: Disclosing a Security Vulnerability in perl v5.30.0

Thread Previous
From:
Dan Book
Date:
March 1, 2021 16:36
Subject:
Re: Disclosing a Security Vulnerability in perl v5.30.0
Message ID:
CABMkAVXmxiM-EGwwAx7jdZoMha0V1N4v_gGQjw=sNZVWi=25SA@mail.gmail.com
On Mon, Mar 1, 2021 at 8:45 AM Amir Naseredini <S.Naseredini@sussex.ac.uk>
wrote:

> Hello,
> I hope you are safe and well.
>
> We want to responsibility disclose to you that in the process of
> evaluating your product against Spectre attacks during our recent work, our
> group was able to exploit a program interpreted with perl v5.30.0 and
> extract secret data from it.
>
> Spectre exploits the mismatch between architectural and microarchitectural
> states by mistraining branch predictors, so victim code (called gadget)
> executes a mispredicted branch and then rolls back the architectural state.
> in our attack written in C, the victim was written in Perl and compiled
> with perl v5.30.0.
>
> We show in our work, that it is possible to develop Spectre attacks that
> exploit the vulnerability in the program interpreted with perl v5.30.0. In
> addition, we were not able to find any active mitigations in your product.
>
> Please feel free to contact us should you have any further questions or
> concerns. We would also be happy to share the paper with you confidentially.
>
>
Hello,

Please see
https://perldoc.perl.org/perlsecpolicy#REPORTING-SECURITY-ISSUES-IN-PERL
for how to confidentially report details of security issues. Thanks for
your effort.

-Dan

Thread Previous


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About