Compliance Impact

I don't know

Useful 0 Not Useful 0

Executive Summary

CVE-2026-2869 is a vulnerability in the janet-lang janet programming language affecting versions up to 1.40.1. It occurs in the function janetc_varset within the file src/core/specials.c, specifically in the handleattr handler component.

The vulnerability is an out-of-bounds read (CWE-125), where the program reads data beyond the allocated buffer boundaries, caused by an off-by-one error accessing an element just beyond the end of a tuple during compilation of malformed definition attributes.

This flaw can be exploited locally (no remote exploitation) and is considered easy to exploit, with a public proof-of-concept available. The issue primarily affects system availability by potentially causing crashes or undefined behavior.

The vulnerability is fixed by upgrading janet to version 1.41.0, which includes a patch that corrects the boundary checks to prevent out-of-bounds access.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by causing system instability or crashes due to out-of-bounds reads during the compilation phase of janet programs.

Since the vulnerability affects availability, it may lead to denial of service conditions in environments where janet-lang janet is used.

Exploitation requires local access and no authentication, so an attacker with local privileges could trigger this issue to disrupt system operations.

Upgrading to janet version 1.41.0 or applying the provided patch mitigates this risk.

Useful 0 Not Useful 0

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability is a local out-of-bounds read in the janet-lang janet programming language, specifically in the function janetc_varset within src/core/specials.c. Detection involves identifying if the vulnerable janet version (up to 1.40.1) is installed and if the vulnerable function is being triggered by malformed input during compilation.'}, {'type': 'paragraph', 'content': 'Since the exploit requires local access and occurs during compilation, network detection is not applicable. Detection can be performed by running a test harness or crafted input that triggers the vulnerability and monitoring for crashes or AddressSanitizer (ASan) reports indicating heap-buffer-overflow in handleattr.'}, {'type': 'paragraph', 'content': 'Suggested commands include building janet with AddressSanitizer enabled and running a reproducer harness with crafted input to trigger the vulnerability. For example:'}, {'type': 'list_item', 'content': 'Build janet with ASan enabled (Linux x86_64, Clang): `make ASAN=1` or equivalent build commands.'}, {'type': 'list_item', 'content': "Run the reproducer harness with a crafted input file that triggers the overflow: `./janet -e 'dostring <crafted_input.janet>'` or using the provided minimal reproducer."}, {'type': 'paragraph', 'content': 'Monitoring system logs or ASan output for heap-buffer-overflow errors at src/core/specials.c:311 can confirm the presence of the vulnerability.'}] [3, 5]

Useful 0 Not Useful 0

Mitigation Strategies

The primary and immediate mitigation step is to upgrade the janet-lang janet programming language to version 1.41.0 or later, which includes a patch that fixes this vulnerability.

The patch (commit ID: 2fabc80151a2b8834ee59cda8a70453f848b40e5) improves error handling in the handleattr function to prevent out-of-bounds reads.

If upgrading is not immediately possible, avoid running untrusted or malformed janet code locally, as the exploit requires local access and malformed input to trigger the vulnerability.

Additionally, consider applying the patch manually if you maintain a custom build, and monitor for any unusual crashes or behavior related to janet compilation.

Useful 0 Not Useful 0