Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rustsecRustsecRUSTSEC-2020-0119
HistoryNov 17, 2020 - 12:00 p.m.

ReadTicket and WriteTicket should only be sendable when T is Send

2020-11-1712:00:00
rustsec.org
10
send
readticket
writeticket
data races
memory corruption
security flaw
affected versions

EPSS

0.002

Percentile

61.8%

JSON

Affected versions of this crate unconditionally implemented Send for ReadTicket<T> & WriteTicket<T>.
This allows to send non-Send T to other threads.

This can allows creating data races by cloning types with internal mutability and sending them to other threads (as T of ReadTicket<T>/WriteTicket<T>). Such data races can cause memory corruption or other undefined behavior.

The flaw was corrected in commit a986a93 by adding T: Send bounds to Send impls of ReadTicket<T>/WriteTicket<T>.

Related

cve 1
github 1
prion 1
osv 3
cnvd 1
nvd 1
cvelist 1
cve
cve
CVE-2020-36439
2021-08-08 06:15:07
github
github
Data races in ticketed_lock
2021-08-25 20:58:58
prion
prion
Design/Logic Flaw
2021-08-08 06:15:00
osv
osv
Data races in ticketed_lock
2021-08-25 20:58:58
Data races in ticketed_lock
2021-08-25 21:00:34
ReadTicket and WriteTicket should only be sendable when T is Send
2020-11-17 12:00:00
cnvd
cnvd
Mozilla Rust Buffer Overflow Vulnerability (CNVD-2021-78756)
2021-09-23 00:00:00
nvd
nvd
CVE-2020-36439
2021-08-08 06:15:07
cvelist
cvelist
CVE-2020-36439
2021-08-08 05:18:19

EPSS

0.002

Percentile

61.8%

JSON
Related for RUSTSEC-2020-0119
cve1github1prion1osv3cnvd1nvd1cvelist1