rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
advisory-db/crates/pnet/RUSTSEC-2019-0037.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

706 B
Raw Permalink Blame History 

[advisory]
id = "RUSTSEC-2019-0037"
package = "pnet"
categories = ["memory-corruption"]
cvss = "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H"
date = "2019-06-11"
keywords = ["segfault"]
url = "https://github.com/libpnet/libpnet/issues/449"
aliases = ["CVE-2019-25054", "GHSA-24g6-5rx7-58wj", "GHSA-r6ff-2q3c-v3pv"]
[affected.functions]
"pnet::transport::IcmpTransportChannelIterator" = ["< 0.27.2"]
[versions]
patched = [">= 0.27.2"]

Compiler optimisation for next_with_timeout in pnet::transport::IcmpTransportChannelIterator flaws to SEGFAULT

Affected versions of this crate were optimized out by compiler, which caused dereference of uninitialized file descriptor which caused segfault.