mirror of
https://github.com/rustsec/advisory-db.git
synced 2025-12-27 01:54:07 -05:00
711 B
711 B
[advisory]
id = "RUSTSEC-2020-0150"
package = "disrustor"
date = "2020-12-17"
url = "https://github.com/sklose/disrustor/issues/1"
categories = ["memory-corruption", "thread-safety"]
aliases = ["CVE-2020-36470"]
cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
[versions]
patched = []
RingBuffer can create multiple mutable references and cause data races
The RingBuffer type retrieves mutable references from the DataProvider in a
non-atomic manner, potentially allowing the creation of multiple mutable
references. RingBuffer also implements the Send and Sync traits for all
types T.
This allows undefined behavior from the aliased mutable references as well as data races.