CVE-2020-10878: 
NixOS vulnerability analysis and mitigation

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection (NVD, Debian).

The vulnerability is caused by multiple integer overflows in the calculation of offsets between instructions for the regular expression engine, which could cause corruption of the intermediate language state of a compiled regular expression. The issue has a CVSS Base Score of 8.6 HIGH with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H (NVD).

An attacker could abuse this vulnerability to insert instructions into the compiled form of a Perl regular expression. This could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS) (NetApp Advisory).

The vulnerability was fixed in Perl version 5.30.3. Users should upgrade to this version or later. The fix includes using long jumps if there is any possibility of overflow and extracting the rckelidenothing function to handle the NOTHING cases (Perl Commit, Perl Commit).

Multiple vendors and organizations issued advisories and patches for this vulnerability, including Oracle, Red Hat, Debian, SUSE, and NetApp. The vulnerability was discovered by Hugo van der Sanden and Slaven Rezic (NVD).