Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-MMC9-PWM7-QJ5W
HistoryAug 25, 2021 - 8:56 p.m.

Unaligned memory access in rand_core

2021-08-2520:56:50
Google
osv.dev
16

0.002 Low

EPSS

Percentile

60.7%

JSON

Impact

Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. rand_core::BlockRng::next_u64 and rand_core::BlockRng::fill_bytes are affected.

Patches

The flaw was corrected by Ralf Jung and Diggory Hardy for rand_core >= 0.4.2.

Workarounds

None.

References

See Rand’s changelog.

For more information

If you have any questions or comments about this advisory, open an issue in the Rand repository.

CPENameOperatorVersion
rand_corelt0.4.2
rand_corelt0.3.1
rand_corege0.4.0

Related

prion 1
github 1
rustsec 1
osv 1
cve 1
nvd 1
debiancve 1
cvelist 1
ubuntucve 1
prion
prion
Integer overflow
2020-09-14 19:15:00
github
github
Unaligned memory access in rand_core
2021-08-25 20:56:50
rustsec
rustsec
Unaligned memory access
2019-04-19 12:00:00
osv
osv
Unaligned memory access
2019-04-19 12:00:00
cve
cve
CVE-2020-25576
2020-09-14 19:15:11
nvd
nvd
CVE-2020-25576
2020-09-14 19:15:11
debiancve
debiancve
CVE-2020-25576
2020-09-14 19:15:11
cvelist
cvelist
CVE-2020-25576
2020-09-14 18:16:00
ubuntucve
ubuntucve
CVE-2020-25576
2020-09-14 00:00:00

0.002 Low

EPSS

Percentile

60.7%

JSON
Related for OSV:GHSA-MMC9-PWM7-QJ5W
prion1github1rustsec1osv1cve1nvd1debiancve1cvelist1ubuntucve1