rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
advisory-db/crates/linea/RUSTSEC-2019-0021.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

667 B
Raw Permalink Blame History 

[advisory]
id = "RUSTSEC-2019-0021"
package = "linea"
aliases = ["CVE-2019-16880", "GHSA-j52m-489x-v634"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
categories = ["memory-corruption"]
date = "2019-09-14"
keywords = ["double free"]
url = "https://github.com/strake/linea.rs/issues/2"

[versions]
patched = ["> 0.9.4"]

Matrix::zip_elements causes double free

Affected versions of this crate did not properly implements the Matrix::zip_elements method, which causes an double free when the given trait implementation might panic.

This allows an attacker to corrupt or take control of the memory.

The flaw was corrected by Phosphorus15.