Race condition in Perl - CVE-2025-40909
Published: July 31, 2025
Vulnerability identifier: #VU113526
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-40909
CWE-ID: CWE-362
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Perl
Affected software:
Perl
Perl
Detailed vulnerability description
The vulnerability allows a local user to tamper with application's behavior.
The vulnerability exists due to a race condition if a directory handle is open at thread creation. A local user can exploit the race and force the application to load code or access files from unexpected location.
How to mitigate CVE-2025-40909
Install updates from vendor's website.
Sources
- http://www.openwall.com/lists/oss-security/2025/05/23/1
- http://www.openwall.com/lists/oss-security/2025/05/30/4
- http://www.openwall.com/lists/oss-security/2025/06/02/2
- http://www.openwall.com/lists/oss-security/2025/06/02/5
- http://www.openwall.com/lists/oss-security/2025/06/02/6
- http://www.openwall.com/lists/oss-security/2025/06/02/7
- http://www.openwall.com/lists/oss-security/2025/06/03/1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226
- https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e
- https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch
- https://github.com/Perl/perl5/issues/10387
- https://github.com/Perl/perl5/issues/23010
- https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads
- https://www.openwall.com/lists/oss-security/2025/05/22/2