ALAS-2025-1981安全公告
漏洞概述
问题描述:在目录句柄打开时创建线程会执行fchdir操作,影响其他线程(竞争条件)(CVE-2025-40909)
基本信息
- 公告发布日期:2025-06-09
- 公告更新日期:2025-06-09
- 严重等级:中等级别
- 参考信息:CVE-2025-40909
受影响软件包
主要受影响包:perl
修复方案
运行以下命令更新系统:
|
|
或
|
|
更新软件包列表
i686架构:
- perl-debuginfo-5.16.3-294.45.amzn1.i686
- perl-5.16.3-294.45.amzn1.i686
- perl-devel-5.16.3-294.45.amzn1.i686
- perl-macros-5.16.3-294.45.amzn1.i686
- perl-libs-5.16.3-294.45.amzn1.i686
- perl-Time-Piece-1.20.1-294.45.amzn1.i686
- perl-core-5.16.3-294.45.amzn1.i686
- perl-tests-5.16.3-294.45.amzn1.i686
noarch架构:
- perl-IO-Zlib-1.10-294.45.amzn1.noarch
- perl-Locale-Maketext-Simple-0.21-294.45.amzn1.noarch
- perl-Package-Constants-0.02-294.45.amzn1.noarch
- perl-ExtUtils-CBuilder-0.28.2.6-294.45.amzn1.noarch
- perl-Pod-Escapes-1.04-294.45.amzn1.noarch
- perl-Module-CoreList-2.76.02-294.45.amzn1.noarch
- perl-ExtUtils-Install-1.58-294.45.amzn1.noarch
- perl-ExtUtils-Embed-1.30-294.45.amzn1.noarch
- perl-Module-Loaded-0.08-294.45.amzn1.noarch
- perl-CPAN-1.9800-294.45.amzn1.noarch
- perl-Object-Accessor-0.42-294.45.amzn1.noarch
源代码包:
- perl-5.16.3-294.45.amzn1.src
x86_64架构:
- perl-core-5.16.3-294.45.amzn1.x86_64
- perl-debuginfo-5.16.3-294.45.amzn1.x86_64
- perl-Time-Piece-1.20.1-294.45.amzn1.x86_64
- perl-tests-5.16.3-294.45.amzn1.x86_64
- perl-5.16.3-294.45.amzn1.x86_64
- perl-libs-5.16.3-294.45.amzn1.x86_64
- perl-devel-5.16.3-294.45.amzn1.x86_64
- perl-macros-5.16.3-294.45.amzn1.x86_64
更新日志
2025-08-05:此公告的严重等级已从重要更改为中等
附加参考
- Red Hat:CVE-2025-40909
- Mitre:CVE-2025-40909