Description
Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record.

retrieve_hook_common reads a signed 32-bit item count from an SX_HOOK record and calls av_extend with that count plus one. A count of I32_MAX wraps the addition to a negative value.

A crafted blob passed to thaw or retrieve triggers the overflow; av_extend receives the negative count and dies with a panic, terminating the deserialization.
Published: 2026-07-13
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Solution

Upgrade to Storable 3.41 or later.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 13 Jul 2026 16:30:00 +0000

Type Values Removed Values Added
Description Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record. retrieve_hook_common reads a signed 32-bit item count from an SX_HOOK record and calls av_extend with that count plus one. A count of I32_MAX wraps the addition to a negative value. A crafted blob passed to thaw or retrieve triggers the overflow; av_extend receives the negative count and dies with a panic, terminating the deserialization.
Title Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record
Weaknesses CWE-190
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: CPANSec

Published:

Updated: 2026-07-13T19:30:47.772Z

Reserved: 2026-06-24T13:09:26.322Z

Link: CVE-2026-57433

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses