Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record.
retrieve_hook_common reads a signed 32-bit item count from an SX_HOOK record and calls av_extend with that count plus one. A count of I32_MAX wraps the addition to a negative value.
A crafted blob passed to thaw or retrieve triggers the overflow; av_extend receives the negative count and dies with a panic, terminating the deserialization.
retrieve_hook_common reads a signed 32-bit item count from an SX_HOOK record and calls av_extend with that count plus one. A count of I32_MAX wraps the addition to a negative value.
A crafted blob passed to thaw or retrieve triggers the overflow; av_extend receives the negative count and dies with a panic, terminating the deserialization.
Project Subscriptions
No data.
Advisories
No advisories yet.
Fixes
Solution
Upgrade to Storable 3.41 or later.
Workaround
No workaround given by the vendor.
References
History
Tue, 14 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Mon, 13 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record. retrieve_hook_common reads a signed 32-bit item count from an SX_HOOK record and calls av_extend with that count plus one. A count of I32_MAX wraps the addition to a negative value. A crafted blob passed to thaw or retrieve triggers the overflow; av_extend receives the negative count and dies with a panic, terminating the deserialization. | |
| Title | Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record | |
| Weaknesses | CWE-190 | |
| References |
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: CPANSec
Published:
Updated: 2026-07-14T13:36:37.394Z
Reserved: 2026-06-24T13:09:26.322Z
Link: CVE-2026-57433
Updated: 2026-07-14T13:36:20.698Z
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses