Heap Out-of-Bounds Read in Perl's Net::IP::LPM Affects Users
CVE-2026-56015
What is CVE-2026-56015?
The Net::IP::LPM Perl module contains a heap out-of-bounds read that is triggered when a prefix with an unvalidated prefix length is supplied. The add() function forwards the prefix string to the trie-building function addPrefixToTrie() without checking the prefix length against the address width. A prefix length outside the valid range (greater than 32 for IPv4 or greater than 128 for IPv6) therefore causes a read past the end of the allocated address buffer. The out-of-bounds access happens during trie construction and can be detected with tools such as AddressSanitizer or valgrind. The out-of-bounds bytes are not returned through valid API calls, so the flaw does not directly leak memory contents to callers.
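The missing check is a comparison of the prefix length against the address width before the prefix reaches the trie builder. The following is an added example, not code from Net::IP::LPM, showing how a caller can enforce that bound before handing a prefix to add(); the function names validate_prefix and safe_add are assumed, as is the add($prefix, $value) call shape, and the sample prefixes are constructed.

```perl
use strict;
use warnings;
use Socket qw(inet_pton AF_INET AF_INET6);

# Address width in bits per family: the largest legal prefix length.
my %MAX_LEN = (AF_INET() => 32, AF_INET6() => 128);

# Returns (family, length) for a well-formed "address/len" string, or dies
# with a reason. Meant to run before Net::IP::LPM->add(), which in <= 1.10
# forwards the prefix to addPrefixToTrie() without this bound check.
sub validate_prefix {
    my ($prefix) = @_;
    my ($addr, $len) = split m{/}, $prefix, 2;
    die "missing prefix length in '$prefix'\n" unless defined $len;
    die "prefix length '$len' is not a non-negative integer\n"
        unless $len =~ /\A[0-9]+\z/;

    # Derive the family from the textual address; inet_pton returns undef
    # when the text is not a valid address of that family.
    my $family = defined inet_pton(AF_INET, $addr)  ? AF_INET
               : defined inet_pton(AF_INET6, $addr) ? AF_INET6
               : die "unparseable address '$addr'\n";

    my $max = $MAX_LEN{$family};
    die "prefix length $len exceeds address width $max for '$prefix'\n"
        if $len > $max;
    return ($family, $len);
}

# Guard wrapper (assumed name): only pass the prefix to add() once its
# length is known to fit the address width.
sub safe_add {
    my ($lpm, $prefix, $value) = @_;
    validate_prefix($prefix);    # dies on an out-of-range length
    return $lpm->add($prefix, $value);
}

# Constructed samples; the last two are the over-width cases the advisory
# describes (33 > 32 for IPv4, 129 > 128 for IPv6).
for my $p ('192.0.2.0/24', '2001:db8::/32', '192.0.2.0/33', '2001:db8::/129') {
    my $ok = eval { validate_prefix($p); 1 };
    printf "%-16s %s", $p, $ok ? "accepted\n" : "rejected: $@";
}
```

Running the loop prints the first two prefixes as accepted and the last two as rejected with the width that was exceeded.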
Affected Version(s)
Net::IP::LPM, all versions up to and including 1.10 (0 <= version <= 1.10)
