YAML::Syck Missing Null-Terminator Vulnerability in Perl Allowing Out-of-Bounds Read
Vulnerability
YAML::Syck versions prior to 1.36 for Perl contain a vulnerability in which missing null-terminators in the C source file token.c lead to out-of-bounds read conditions. The flaw can potentially allow information disclosure through reads of adjacent variables. The issue arises when complex YAML files are parsed, particularly those containing hashes with empty values. There is no indication that memory is accessed beyond what is allocated to the module, but the absence of proper null-termination still creates a risk of unintended data exposure.
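A simplified model of this bug class, added here as an illustration and not taken from token.c or the YAML::Syck project: a token copied without a terminator makes a later string scan run on into the adjacent variable while staying inside the same allocation. The struct layout, function names and sample values are all constructed assumptions.

```c
#include <stdio.h>
#include <string.h>

#define TOKEN_CAP 8

/* Constructed layout: a token buffer followed directly by another variable.
 * Both live in one object, so every read below stays inside `struct arena`. */
struct arena {
    char token[TOKEN_CAP];
    char neighbour[16];
};

static void reset(struct arena *a) {
    memset(a->token, 'X', TOKEN_CAP);       /* stale bytes from an earlier token */
    strcpy(a->neighbour, "adjacent-data");  /* constructed neighbouring value */
}

/* Flawed pattern: copies `len` bytes and never writes a terminator. */
static void copy_unterminated(struct arena *a, const char *src, size_t len) {
    if (len > TOKEN_CAP) len = TOKEN_CAP;
    memcpy(a->token, src, len);
}

/* Hardened pattern: reserves one byte and always terminates. */
static void copy_terminated(struct arena *a, const char *src, size_t len) {
    if (len > TOKEN_CAP - 1) len = TOKEN_CAP - 1;
    memcpy(a->token, src, len);
    a->token[len] = '\0';
}

/* What a string consumer sees: scan from the token start to the first NUL. */
static size_t consumer_length(const struct arena *a) {
    return strlen((const char *)a);
}

/* Returns how many bytes a consumer reads for a token of `len` bytes. */
static size_t scanned_bytes(const char *src, size_t len, int terminate) {
    struct arena a;
    reset(&a);
    if (terminate) copy_terminated(&a, src, len);
    else           copy_unterminated(&a, src, len);
    return consumer_length(&a);
}

int main(void) {
    printf("unterminated \"key\": %zu bytes scanned\n", scanned_bytes("key", 3, 0));
    printf("terminated   \"key\": %zu bytes scanned\n", scanned_bytes("key", 3, 1));
    printf("unterminated empty: %zu bytes scanned\n", scanned_bytes("", 0, 0));
    return 0;
}
```

Any scanned length greater than the token's own length means the consumer has read stale token bytes and then the neighbouring variable.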
Impact
Exploitation of this vulnerability could lead to out-of-bounds read conditions, allowing adjacent memory to be accessed and potentially disclosed.
Reproduction
The vulnerability can be reproduced by parsing a complex YAML file containing a hash in which every key is present but the values are empty. This structure triggers the missing null-terminator issue and causes an out-of-bounds read.
Remediation
Users are advised to update YAML::Syck to version 1.36 or later, where this vulnerability has been addressed.
