rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update five std CVEs (#946)

Browse Source
This commit is contained in:
Yechan Bae
2021-07-06 14:36:13 -04:00
committed by GitHub
parent 23d8630fbe
commit afbc0dc9e1
5 changed files with 80 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
rust/std/CVE-2017-20004.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "CVE-2017-20004"
package = "std"
categories = ["thread-safety"]
date = "2017-04-29"
url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20004"
[versions]
patched = [">= 1.19.0"]
unaffected = ["< 1.0.0"]
```
# MutexGuard\<Cell\<i32\>\> must not be Sync
In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions.

16
rust/std/CVE-2018-25008.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "CVE-2018-25008"
package = "std"
categories = ["thread-safety"]
date = "2018-06-25"
url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25008"
[versions]
patched = [">= 1.29.0"]
unaffected = ["< 1.3.0"]
```
# Insufficient synchronization in `Arc::get_mut`
In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions.

16
rust/std/CVE-2019-1010299.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "CVE-2019-1010299"
package = "std"
categories = ["memory-exposure"]
date = "2018-08-21"
url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010299"
[versions]
patched = [">= 1.30.0"]
unaffected = ["< 1.18.0"]
```
# vec_deque::Iter has unsound Debug implementation
The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vec_deque::Iter. The attack vector is: The program needs to invoke debug printing for iterator over an empty VecDeque. The fixed version is: 1.30.0, nightly versions after commit b85e4cc8fadaabd41da5b9645c08c68b8f89908d.

16
rust/std/CVE-2020-36323.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "CVE-2020-36323"
package = "std"
categories = ["memory-exposure"]
date = "2020-12-23"
url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36323"
[versions]
patched = [">= 1.52.0"]
unaffected = ["< 1.28.0"]
```
# API soundness issue in join() implementation of \[Borrow\<str\>\]
In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

16
rust/std/CVE-2021-31162.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "CVE-2021-31162"
package = "std"
categories = ["memory-corruption"]
date = "2021-03-28"
url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31162"
[versions]
patched = [">= 1.52.0"]
unaffected = ["< 1.48.0"]
```
# Double free in Vec::from_iter specialization when drop panics
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.