Lucene search
GoogleOSV:GHSA-2F5J-3MHQ-XV58HistoryAug 25, 2021 - 8:58 p.m.
Double free in sys-info
2021-08-2520:58:15
Google
osv.dev
7
sys-info double free vulnerability multithreaded environment.
EPSS
0.002
Percentile
61.8%
Affected versions of sys-info use a static, global, list to store temporary disk information while running. The function that cleans up this list, DFCleanup, assumes a single threaded environment and will try to free the same memory twice in a multithreaded environment. This results in consistent double-frees and segfaults when calling sys_info::disk_info from multiple threads at once. The issue was fixed by moving the global variable into a local scope.
Related
rustsec
rustsec
Double free when calling `sys_info::disk_info` from multiple threads
2020-05-31 12:00:00
nvd
nvd
CVE-2020-36434
2021-08-08 06:15:06
cvelist
cvelist
CVE-2020-36434
2021-08-08 05:19:21
osv
osv
Double free when calling `sys_info::disk_info` from multiple threads
2020-05-31 12:00:00
cnvd
cnvd
Mozilla Rust Resource Management Error Vulnerability (CNVD-2021-85301)
2021-09-23 00:00:00
prion
prion
Double free
2021-08-08 06:15:00
github
github
Double free in sys-info
2021-08-25 20:58:15
cve
cve
CVE-2020-36434
2021-08-08 06:15:06