Lucene search
China National Vulnerability DatabaseCNVD-2021-78756HistorySep 23, 2021 - 12:00 a.m.
Mozilla Rust Buffer Overflow Vulnerability (CNVD-2021-78756)
2021-09-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
mozilla foundation
buffer overflow
rust
vulnerability
memory corruption
exploitation
ticketed lock
cnvd-2021-78756
EPSS
0.002
Percentile
61.8%
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. buffer overflow vulnerabilities exist in versions of Mozilla Rust prior to 0.3.0, stemming from the ticketed_lock crate in Rust. there are unconditional Send implementations for ReadTicket<T> and WriteTicket<T>, which can be exploited to cause memory corruption or other undefined behavior. The vulnerability can be exploited by attackers to cause memory corruption or other undefined behavior.
Related
cve
cve
CVE-2020-36439
2021-08-08 06:15:07
rustsec
rustsec
ReadTicket and WriteTicket should only be sendable when T is Send
2020-11-17 12:00:00
github
github
Data races in ticketed_lock
2021-08-25 20:58:58
prion
prion
Design/Logic Flaw
2021-08-08 06:15:00
osv
osv
Data races in ticketed_lock
2021-08-25 20:58:58
Data races in ticketed_lock
2021-08-25 21:00:34
ReadTicket and WriteTicket should only be sendable when T is Send
2020-11-17 12:00:00
nvd
nvd
CVE-2020-36439
2021-08-08 06:15:07
cvelist
cvelist
CVE-2020-36439
2021-08-08 05:18:19