JSON::SIMD Integer Buffer Overflow Vulnerability in Legacy Decoder Allowing Denial-of-Service

Vulnerability

A buffer overflow vulnerability has been identified in versions of the JSON::SIMD Perl module prior to 1.07. The issue arises in the legacy decoder when it parses specially crafted JSON input, leading to an integer buffer overflow that causes a segmentation fault. This vulnerability can be exploited to create denial-of-service conditions or potentially allow for other unspecified impacts. The problem is exacerbated if the module is compiled with certain options enabled, although these are not the default in most binary distributions.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by using the JSON::SIMD module's legacy decoder to parse a specially crafted JSON string. The string is designed to exploit the buffer overflow in the floating point number parser, which is inherited from JSON::XS. The JSON::SIMD module must be configured to use the legacy decoder, either by calling 'JSON::SIMD->new->use_simdjson(0)' or by compiling the module with the 'USE_LONG_DOUBLE' or 'USE_QUADMATH' options, which are not the default in most binary distributions.

Remediation

Users can upgrade to JSON::SIMD version 1.07 or later, where this vulnerability has been fixed.
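
An exposure check for the conditions described above, written as an added example (not code from the JSON::SIMD project): it reads the installed version, looks at the perl build settings, and searches the source directories given as arguments for literal use_simdjson(0) calls. It assumes the module's USE_LONG_DOUBLE / USE_QUADMATH options follow perl's own uselongdouble / usequadmath settings; the file extension list and the exit codes are choices made for this example.

```perl
#!/usr/bin/env perl
# Added example: exposure check for the JSON::SIMD legacy-decoder issue.
use strict;
use warnings;
use Config;
use File::Find;
use Module::Metadata;
use version;

my $FIXED = version->parse('1.07');    # first fixed release, per the advisory

# 1. Installed version, read from the .pm file without loading the XS code.
sub installed_version {
    my $meta = Module::Metadata->new_from_module('JSON::SIMD') or return;
    return $meta->version;             # version object, or undef if none found
}

# 2. Assumption: the module's USE_LONG_DOUBLE / USE_QUADMATH follow the perl
#    build settings uselongdouble / usequadmath reported by Config.
sub legacy_forced_by_build {
    return grep { ($Config{$_} // '') eq 'define' } qw(uselongdouble usequadmath);
}

# 3. Source lines that select the legacy decoder with a literal 0 argument.
sub legacy_call_sites {
    my @dirs = @_;
    my @hits;
    return @hits unless @dirs;
    find({ no_chdir => 1, wanted => sub {
        return unless -f $_ && /\.(?:pl|pm|t|psgi|cgi)\z/;
        open my $fh, '<', $_ or return;
        while (my $line = <$fh>) {
            push @hits, join(':', $_, $.) if $line =~ /\buse_simdjson\s*\(\s*0\s*\)/;
        }
        close $fh;
    } }, @dirs);
    return @hits;
}

my $v = installed_version();
unless (defined $v) { print "JSON::SIMD not found in \@INC\n"; exit 0 }
my $old   = $v < $FIXED;
my @build = legacy_forced_by_build();
my @calls = legacy_call_sites(@ARGV);
printf "JSON::SIMD %s: %s\n", $v, $old ? 'older than 1.07, upgrade' : 'fixed release';
print "  legacy decoder likely forced by perl build: @build\n" if @build;
print "  legacy decoder selected at $_\n" for @calls;
exit(($old && (@build || @calls)) ? 2 : $old ? 1 : 0);
```

Exit code 2 means an old version with the legacy decoder in play, 1 means an old version with no legacy use found, and 0 means a fixed release or no installation.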

Added: Sep 8, 2025, 3:23 PM
Updated: Sep 8, 2025, 7:28 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.4
remediation: 0.0
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.