Lucene search
K

4 matches found

OSV
OSV
added 2024/07/08 6:39 p.m.16 views

GHSA-74R5-G7VC-J2V2 zerovec-derive incorrectly uses `#[repr(packed)]`

The affected versions make unsafe memory accesses under the assumption that reprpacked has a guaranteed field order. The Rust specification does not guarantee this, and https://github.com/rust-lang/rust/pull/125360 1.80.0-beta starts reordering fields of reprpacked structs, leading to illegal...

6.9CVSS7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/07/08 6:36 p.m.12 views

zerovec incorrectly uses `#[repr(packed)]`

The affected versions make unsafe memory accesses under the assumption that reprpacked has a guaranteed field order. The Rust specification does not guarantee this, and https://github.com/rust-lang/rust/pull/125360 1.80.0-beta starts reordering fields of reprpacked structs, leading to illegal...

7AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/25 8:53 p.m.28 views

Soundness issue in raw-cpuid

VendorInfo::asstring, SoCVendorBrand::asstring, and ExtendedFunctionInfo::processorbrandstring construct byte slices using std::slice::fromrawparts, with data coming from reprRust structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs reprC...

7.5CVSS7.3AI score0.01261EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/08/25 8:53 p.m.19 views

GHSA-HVQC-PC78-X9WH Soundness issue in raw-cpuid

VendorInfo::asstring, SoCVendorBrand::asstring, and ExtendedFunctionInfo::processorbrandstring construct byte slices using std::slice::fromrawparts, with data coming from reprRust structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs reprC...

7.5CVSS6.2AI score0.01261EPSS
Exploits1References5
Rows per page
Query Builder