Lucene search
GoogleOSV:GHSA-PMCV-MGCF-RVXGHistoryJun 16, 2022 - 11:51 p.m.
Non-aligned u32 read in Chacha20 encryption and decryption
2022-06-1623:51:32
Google
osv.dev
5
0.001 Low
EPSS
Percentile
50.5%
The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::from_raw_parts_mut, which breaks the contract and introduces undefined behavior.
This affects Chacha20 encryption and decryption in crypto2.
Related
prion
prion
Design/Logic Flaw
2021-12-27 00:15:00
nvd
nvd
CVE-2021-45709
2021-12-27 00:15:10
cnvd
cnvd
Mozilla Rust has an unspecified vulnerability (CNVD-2022-03129)
2021-12-28 00:00:00
cve
cve
CVE-2021-45709
2021-12-27 00:15:10
github
github
Use of a Broken or Risky Cryptographic Algorithm in crypto2
2022-01-06 22:04:51
rustsec
rustsec
Non-aligned u32 read in Chacha20 encryption and decryption
2021-10-08 12:00:00
osv
osv
Non-aligned u32 read in Chacha20 encryption and decryption
2021-10-08 12:00:00
Use of a Broken or Risky Cryptographic Algorithm in crypto2
2022-01-06 22:04:51
cvelist
cvelist
CVE-2021-45709
2021-12-26 21:47:32