OSV:RUSTSEC-2021-0022
Feb 09, 2021 - 12:00 p.m.

Use-after-free in `subscript_next` and `subscript_prev` wrappers

2021-02-09 12:00:00
Google
osv.dev
7

EPSS: 0.005 (Low), percentile 77.0%

Affected versions of this crate had an unsound implementation which could pass
a pointer to freed memory to `ydb_subscript_next_st` and
`ydb_subscript_prev_st` if the variable and subscripts did not have enough
memory allocated on the first call to hold the next variable in the database.

For example, the following code had undefined behavior:

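```rust
// `key` starts out with a buffer sized for the short variable name "a".
let mut key = Key::variable(String::from("a"));
// Store a variable whose name is much longer than `key`'s buffer.
Key::variable("averylongkeywithlotsofletters")
    .set_st(YDB_NOTTP, Vec::new(), b"some val")
    .unwrap();
// The next variable does not fit in `key`'s buffer on the first call;
// in affected versions this call had undefined behavior.
key.sub_next_self_st(YDB_NOTTP, Vec::new()).unwrap();
```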

yottadb has no reverse-dependencies on crates.io and there are no known
instances of this API being used incorrectly in practice. The fix is backwards
compatible.

The flaw was corrected by recalculating the pointer each time it was reallocated.
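The retry pattern the fix describes, as an added example that is not the `yottadb` crate's code: `fake_next`, `ERR_TOO_SHORT` and `next_into` are hypothetical stand-ins for a C call that fills a caller-supplied buffer and the safe wrapper around it. The wrapper re-reads the buffer pointer on every attempt, so growing the buffer between attempts cannot leave a stale pointer.

```rust
// Added illustration; every name below is hypothetical, not part of yottadb.
const ERR_TOO_SHORT: i32 = -1;

/// Stand-in for a C function: copies `src` into `buf` when `cap` is large
/// enough, otherwise only reports the required length through `len_used`.
unsafe fn fake_next(src: &[u8], buf: *mut u8, cap: usize, len_used: *mut usize) -> i32 {
    *len_used = src.len();
    if src.len() > cap {
        return ERR_TOO_SHORT;
    }
    std::ptr::copy_nonoverlapping(src.as_ptr(), buf, src.len());
    0
}

/// Sound retry loop. Returns how many calls to `fake_next` were needed.
pub fn next_into(src: &[u8], out: &mut Vec<u8>) -> usize {
    let mut attempts = 0;
    loop {
        attempts += 1;
        let mut needed = 0usize;
        // Pointer and capacity are taken from `out` inside the loop. Taking
        // the pointer once before the loop is the unsound shape: `reserve`
        // may move the allocation, and the retry would then use freed memory.
        let (ptr, cap) = (out.as_mut_ptr(), out.capacity());
        let status = unsafe { fake_next(src, ptr, cap, &mut needed) };
        if status == ERR_TOO_SHORT {
            out.clear();
            out.reserve(needed); // may free the old allocation
            continue;
        }
        // Safe: `needed <= cap` and the first `needed` bytes were just written.
        unsafe { out.set_len(needed) };
        return attempts;
    }
}

fn main() {
    // Constructed input mirroring the advisory's example: a short buffer
    // and a much longer next variable name.
    let mut key = Vec::from(&b"a"[..]);
    let attempts = next_into(b"averylongkeywithlotsofletters", &mut key);
    println!("{} after {} call(s)", String::from_utf8_lossy(&key), attempts);
}
```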

CPE

| Name | Operator | Version |
| --- | --- | --- |
| yottadb | lt | 1.2.0 |
