Lucene search
GoogleOSV:RUSTSEC-2019-0008HistoryJun 24, 2019 - 12:00 p.m.
Flaw in string parsing can lead to crashes due to invalid memory access.
2019-06-2412:00:00
Google
osv.dev
5
0.001 Low
EPSS
Percentile
42.5%
The affected version of this crate did not guard against accessing memory
beyond the range of its input data. A pointer cast to read the data into
a 256-bit register could lead to a segmentation fault when the end plus
the 32 bytes (256 bit) read would overlap into the next page during string
parsing.
page | ... page 1 ... | ... page 2 ... |
data | x[n * 32 byte]xx__ | |
access | ..][ 32 byte ] | |
segflt | [ 32 | byte ] |
This allows an attacker to eventually crash a service.
The flaw was corrected by using a padding buffer for the last read from the
input. So that we are we never read over the boundary of the input data.
Related
prion
prion
Design/Logic Flaw
2019-08-26 15:15:00
osv
osv
Out of bounds read in simd-json
2021-08-25 20:43:56
CVE-2019-15550
2019-08-26 15:15:11
nvd
nvd
CVE-2019-15550
2019-08-26 15:15:11
github
github
Out of bounds read in simd-json
2021-08-25 20:43:56
cve
cve
CVE-2019-15550
2019-08-26 15:15:11
rustsec
rustsec
Flaw in string parsing can lead to crashes due to invalid memory access.
2019-06-24 12:00:00
cvelist
cvelist
CVE-2019-15550
2019-08-26 14:31:38