rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
advisory-db/crates/multiqueue/RUSTSEC-2020-0143.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

750 B
Raw Permalink Blame History 

[advisory]
id = "RUSTSEC-2020-0143"
package = "multiqueue"
date = "2020-12-25"
url = "https://github.com/schets/multiqueue/issues/31"
categories = ["memory-corruption", "thread-safety"]
aliases = ["CVE-2020-36463", "GHSA-jf43-3v8j-qwwr", "GHSA-r2x6-vrxx-jgv4"]
cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

[versions]
patched = []

Queues allow non-Send types to be sent to other threads, allowing data races

Affected versions of this crate unconditionally implemented Send for types used in queue implementations (InnerSend<RW, T>, InnerRecv<RW, T>, FutInnerSend<RW, T>, FutInnerRecv<RW, T>).

This allows users to send non-Send types to other threads, which can lead to data race bugs or other undefined behavior.