Lucene search
GoogleOSV:RUSTSEC-2021-0121HistoryOct 08, 2021 - 12:00 p.m.
Non-aligned u32 read in Chacha20 encryption and decryption
2021-10-0812:00:00
Google
osv.dev
9
0.001 Low
EPSS
Percentile
50.5%
The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::from_raw_parts_mut, which breaks the contract and introduces undefined behavior.
This affects Chacha20 encryption and decryption in crypto2.
Related
prion
prion
Design/Logic Flaw
2021-12-27 00:15:00
nvd
nvd
CVE-2021-45709
2021-12-27 00:15:10
cnvd
cnvd
Mozilla Rust has an unspecified vulnerability (CNVD-2022-03129)
2021-12-28 00:00:00
cve
cve
CVE-2021-45709
2021-12-27 00:15:10
osv
osv
Non-aligned u32 read in Chacha20 encryption and decryption
2022-06-16 23:51:32
Use of a Broken or Risky Cryptographic Algorithm in crypto2
2022-01-06 22:04:51
github
github
Use of a Broken or Risky Cryptographic Algorithm in crypto2
2022-01-06 22:04:51
rustsec
rustsec
Non-aligned u32 read in Chacha20 encryption and decryption
2021-10-08 12:00:00
cvelist
cvelist
CVE-2021-45709
2021-12-26 21:47:32