Impact
List::SomeUtils::XS versions before 0.59 for Perl contain a heap buffer overflow in the pairwise function. The function allocates a heap buffer sized to the longer input array and then expands it with a single quadrupling operation each time data is copied. If the block supplied to pairwise returns more than four times the length of the longest input array in one invocation, the buffer grows too small and a memcpy copy writes beyond its bounds, corrupting heap memory. This corruption can cause program crashes or other unstable behavior.
Affected Systems
Any Perl installation that loads List::SomeUtils::XS before version 0.59 and invokes the pairwise function is impacted. Systems using versions 0.58 and earlier must check for the exact module version, as these releases carry the flaw.
Risk and Exploitability
The CVSS score of 7.5 indicates moderate to high severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires a caller to invoke pairwise with a block that returns a very large value, so the risk is more pronounced in environments where untrusted code can construct such calls. While the primary impact is heap corruption leading to possible denial of service, more advanced exploitation could arise if the corrupted memory is leveraged for arbitrary code execution, though such a scenario is not confirmed.
OpenCVE Enrichment