Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-40909
PUBLISHED
More InfoOfficial Page
Assigner-CPANSec
Assigner Org ID-9b29abf9-4ab0-4765-b253-1875cd9b441e
View Known Exploited Vulnerability (KEV) details
Published At-30 May, 2025 | 12:20
Updated At-03 Nov, 2025 | 18:09
Rejected At-
▼CVE Numbering Authority (CNA)
Perl threads have a working directory race condition where file operations may target unintended paths

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit. The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6

Affected Products
Vendor
perl
Product
perl
Collection URL
https://cpan.org/modules
Package Name
perl
Repo
https://github.com/perl/perl5
Program Routines
  • threads
Default Status
unaffected
Versions
Affected
  • From 5.13.6 before 5.41.13 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-689CWE-689 Permission Race Condition During Resource Copy
CWECWE-426CWE-426 Untrusted Search Path
Type: CWE
CWE ID: CWE-689
Description: CWE-689 Permission Race Condition During Resource Copy
Type: CWE
CWE ID: CWE-426
Description: CWE-426 Untrusted Search Path
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Update perl to an unaffected version, or apply the patch provided in the references section.

Configurations
Workarounds
Exploits
Credits
finder
Vincent Lefevre
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch
patch
https://www.openwall.com/lists/oss-security/2025/05/22/2
mailing-list
exploit
https://github.com/Perl/perl5/issues/23010
issue-tracking
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226
related
https://github.com/Perl/perl5/issues/10387
related
https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads
related
https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e
related
Hyperlink: https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch
Resource:
patch
Hyperlink: https://www.openwall.com/lists/oss-security/2025/05/22/2
Resource:
mailing-list
exploit
Hyperlink: https://github.com/Perl/perl5/issues/23010
Resource:
issue-tracking
Hyperlink: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226
Resource:
related
Hyperlink: https://github.com/Perl/perl5/issues/10387
Resource:
related
Hyperlink: https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads
Resource:
related
Hyperlink: https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e
Resource:
related
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2025/05/23/1
N/A
http://www.openwall.com/lists/oss-security/2025/05/30/4
N/A
http://www.openwall.com/lists/oss-security/2025/06/02/2
N/A
http://www.openwall.com/lists/oss-security/2025/06/02/5
N/A
http://www.openwall.com/lists/oss-security/2025/06/02/6
N/A
http://www.openwall.com/lists/oss-security/2025/06/02/7
N/A
http://www.openwall.com/lists/oss-security/2025/06/03/1
N/A
http://seclists.org/fulldisclosure/2025/Sep/55
N/A
http://seclists.org/fulldisclosure/2025/Sep/54
N/A
http://seclists.org/fulldisclosure/2025/Sep/53
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/05/23/1
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/05/30/4
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/06/02/2
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/06/02/5
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/06/02/6
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/06/02/7
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/06/03/1
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2025/Sep/55
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2025/Sep/54
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2025/Sep/53
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.15.9MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 5.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found