Description
Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks.

These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying derived-key.
Published: 2026-06-12
Score: 5.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Crypt::PBKDF2 modules prior to version 0.261630 use Perl’s built‑in eq operator to compare derived keys, which introduces timing differences that an attacker can observe. The vulnerability therefore allows a timing side‑channel attack that can reveal portions of the derived key material. This loss of secrecy undermines any processes that depend on the confidentiality of those keys.

Affected Systems

The Perl Crypt::PBKDF2 distribution from the ARODLAND vendor, versions before 0.261630, is affected.

Risk and Exploitability

The flaw is a timing side‑channel; an attacker must be able to repeatedly invoke the comparison. The CVE description does not specify the exact attack vector, so it is inferred that the attack could be performed locally or remotely if PBKDF2 is used in an authentication or other remote service that exposes the comparison. EPSS data is not available, and there is no KEV listing, but the lack of a public exploit does not preclude potential use of the side‑channel. The CVSS score of 5.9 indicates a moderate severity, and combined with the potential to reconstruct a derived key via timing, represents a notable risk. No elevated privileges are required beyond the ability to invoke the comparison function.

Generated by OpenCVE AI on June 12, 2026 at 17:21 UTC.

Remediation

Vendor Solution

Upgrade to version 0.261630 or later.

Vendor Workaround

Apply the patch from the referenced pull request.

OpenCVE Recommended Actions

  • Upgrade Crypt::PBKDF2 to version 0.261630 or later
  • If an upgrade is not immediately possible, apply the patch from the referenced pull request
  • Refactor application code to perform derived‑key comparisons using a constant‑time algorithm to eliminate timing leakage

Generated by OpenCVE AI on June 12, 2026 at 17:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 12 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Arodland
Arodland crypt::pbkdf2
Vendors & Products Arodland
Arodland crypt::pbkdf2

Fri, 12 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
References

Fri, 12 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 12 Jun 2026 13:45:00 +0000

Type Values Removed Values Added
Description Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks. These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying derived-key.
Title Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks
Weaknesses CWE-208
References

Subscriptions

Arodland Crypt::pbkdf2
cve-icon MITRE

Status: PUBLISHED

Assigner: CPANSec

Published:

Updated: 2026-06-12T16:59:33.477Z

Reserved: 2026-05-26T18:23:21.387Z

Link: CVE-2017-20240

cve-icon Vulnrichment

Updated: 2026-06-12T16:59:33.477Z

cve-icon NVD

Status : Deferred

Published: 2026-06-12T14:16:28.660

Modified: 2026-06-12T17:16:22.133

Link: CVE-2017-20240

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-12T20:20:26Z

Weaknesses
  • CWE-208

    Observable Timing Discrepancy