High severity7.5NVD Advisory· Published May 25, 2016· Updated Jun 17, 2026
CVE-2015-8853
CVE-2015-8853
Description
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*range: <=5.23.9
- (no CPE)range: <5.24.0
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- osv-coords6 versionspkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
< 5.18.2-11.1+ 5 more
- (no CPE)range: < 5.18.2-11.1
- (no CPE)range: < 5.10.0-64.80.1
- (no CPE)range: < 5.18.2-11.1
- (no CPE)range: < 5.10.0-64.80.1
- (no CPE)range: < 5.18.2-11.1
- (no CPE)range: < 5.10.0-64.80.1
Patches
Vulnerability mechanics
References
13- perl5.git.perl.org/perl.git/commitdiff/22b433eff9a1ffa2454e18405a56650f07b385b5nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2016-May/183592.htmlnvd
- www.openwall.com/lists/oss-security/2016/04/20/5nvd
- www.openwall.com/lists/oss-security/2016/04/20/7nvd
- www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlnvd
- www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlnvd
- www.securityfocus.com/bid/86707nvd
- bugzilla.redhat.com/show_bug.cginvd
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
- rt.perl.org/Public/Bug/Display.htmlnvd
- security.gentoo.org/glsa/201701-75nvd
- usn.ubuntu.com/3625-1/nvd
- usn.ubuntu.com/3625-2/nvd
News mentions
0No linked articles in our index yet.