Lucene search

GitHub Advisory DatabaseGHSA-96W3-P368-4H8C

HistoryAug 25, 2021 - 8:46 p.m.

Use after free in internment

2021-08-2520:46:51

CWE-362

GitHub Advisory Database

github.com

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.005 Low

EPSS

Percentile

75.7%

JSON

ArcIntern::drop has a race condition where it can release memory which is about to get another user. The new user will get a reference to freed memory.

This was fixed by serializing access to an interned object while it is being deallocated.

Versions prior to 0.3.12 used stronger locking which avoided the problem.

Affected configurations

Vulners

Node

internment_projectinternmentRange<0.4.0rust

CPENameOperatorVersion
internmentlt0.4.0

CPE	Name	Operator	Version
	internment	lt	0.4.0

References

github.com/advisories/GHSA-96w3-p368-4h8c

github.com/droundy/internment/issues/11

nvd.nist.gov/vuln/detail/CVE-2020-35874

rustsec.org/advisories/RUSTSEC-2020-0017.html

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.005 Low

EPSS

Percentile

75.7%

JSON

Related for GHSA-96W3-P368-4H8C