rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
2ed85d2178d842fb713e39578de56e55ff1904b8
advisory-db/crates/cyfs-base/RUSTSEC-2023-0046.md
Alexis Mousset 2ed85d2178 Update aliases from GHSA OSV export
2023-07-08 13:51:43 +02:00

586 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2023-0046"
package = "cyfs-base"
date = "2023-06-15"
informational = "unsound"
url = "https://github.com/buckyos/CYFS/issues/275"
keywords = ["alignment", "unsound"]
aliases = ["GHSA-g753-ghr7-q33w"]

[versions]
patched = []

Misaligned pointer dereference in ChunkId::new

The function ChunkId::new creates a misaligned pointer by casting mutable pointer of u8 slice which has alignment 1 to the mutable pointer of u32 which has alignment 4, and dereference the misaligned pointer leading UB, which should not be allowed in safe function.